Stoping one computer seeing the router page or other computers?
-
Hello I'm new to pfsense still. I was wondering if there was a way if a computer can still reach the internet and remote desktop But not reach the router page or other computers on the network. Is this posible a howto? I'm sorry I'm not much of a programmer but I'm learning.
Joseph
-
First, create a rule on the interface this computer in question is on, allowing the devices you want to hit the page, to hit it. You may have to do this on multiple interfaces. Then on settings -> advanced -> admin access check the box that says "Disable webConfigurator anti-lockout rule". save and good. Just make sure you have your proper allow rules, in place and at the top of your rule list, before disabling this, else you'll be consoling in to roll-back.
-
@josephchrzempiec Yes if you put it on another VLAN/Subnet.
-
@jgraham5481 That won't stop east to west traffic from and to the computer in question--unless he has a managed switch that can apply private VLANs per switchport. However it will prevent access to the router mgmt web interface.
-
@josephchrzempiec said in Stoping one computer seeing the router page or other computers?:
a computer can still
A computer does nothing.
What OS ?
If you use W10, set your network type to Public (not Private).On the interface of pfSense, put a firewall rule on top, blocking the IPv4 of that PC.
Do you use the https GUI access ? Then block https also.
Same for SSH.Btw : later on you discover that you should probably also block the IPv6 from your PC.
That's probably the moment you should put this PC on a separate OPTx network.