Securing network with SG-3100

Choggy2840

Hi Netgate community!

As a lockdown project I decided to turn my old HTPC into a game server hosting box. Anyway as part of this I decided to do a network upgrade and as part of that I bought an SG-3100. I have spent the last week or so setting it up and tinkering with it with some help reading both this forum and the pfSense subreddit.

Anyway the main reason for this post is that I bought the SG-3100 so that I could make my home network more secure (separate IoT/Smart network and separate guest network that sort of thing) and I wanted to check that I am doing the most I can with the SG-3100 to make everything as secure as I can (within reason), especially as I am conscious that I have to open up ports for the games I want to host such as Rust and something like Plex on my NAS. I have attached some pictures of my firewall rules and NAT rule for my Rust server.

Hopefully I haven't missed out any important details but if I have I am sorry. Also if you have any other useful tips with pfSense I would love to hear them as I am new to this.

Thanks
Max

Sorry if I have attached these pictures wrong/in a bad way as this is my first time posting.

WAN Firewall Rules.PNG NAT Firewall Rules.PNG MAIN Firewall Rules.PNG LGS Firewall Rules.PNG LAN Firewall Rules.PNG IOT Firewall Rules.PNG GUEST Firewall Rules.PNG

NollipfSense

@choggy2840 Should have post in Firewall section to attract the best responses. Using floating rule aliases could simplify your firewall.