IPsec rules to only allow specific PCs



  • Hello all!

    Still new to pfSense and thought I had a handle on how the rules work, having successfully implemented rules to allow/block traffic between 3 VLANs. But I have been unable to block traffic over the IPsec tunnel to a remote office.

    Remote network: 192.168.224.0/24
    Local network: 192.168.1.0/24

    Currently any PC on the local network can access any PC/NAS on the remote network. I want to block all PCs on the local network except 192.168.1.31 from accessing the remote network. So I added this rule to the local network's interface.

    001.jpg

    But still any PC on the local network can access any PC/NAS on the remote. Similar rules allow/block PCs from accessing other VLANs.

    So I added rules to the IPsec interface.

    002.jpg

    From other threads I've read they said the source for IPsec is the remote network and the destination is the local network. And I've entered the above rules flipping the source/destination and that doesn't work either.

    What am I not understanding or doing wrong?

    Appreciate any help.

    Thanks

    Scot

