Netgate Discussion Forum

Help with filtering from communications from outside the network.

Scheduled Pinned Locked Moved Firewalling
7 Posts 2 Posters 606 Views
  • K
    koren
    last edited by koren Jun 10, 2021, 9:59 AM Jun 10, 2021, 9:20 AM

    Hello, I'm coming from Fortinet products and I can't realize what happens here.
    I have pfSense installed on a VPS.
    I want to connect to it via VPN (L2TP or OpenVPN).
    I've disabled the LAN because it's not needed in my situation.
    I want to block any access to the server (ICMP, AdminGui and any other protocols) except VPN connections.
    And I want to allow VPN connections full access.
    The target is to block all communication from outside the network and pass all communication from inside the network (VPN users,client,adapter hhhh)

    • V
      viragomann @koren
      last edited by Jun 10, 2021, 5:50 PM

      @koren
      By default pfSense blocks anything that is not explicitly allowed by a pass rule.

      Only access to the web configurator is enabled on the LAN, or on the only remaining interface, to ensure you don't lock yourself out. You can disable this by adding a check at System > Advanced > Admin Access > Anti-lockout.

      To enable access to the OpenVPN server you have to add an appropriate rule on the incoming interface.

      On a VPN interface pfSense allows any-to-any by default anyway.

      • K
        koren @viragomann
        last edited by Jun 10, 2021, 7:16 PM

        @viragomann
        I will explain: I want to block all types of communication from outside, but enable full access after connecting to the server with VPN.
        I’ve tried many configurations and nothing works.
        Can you tell me how I can do this?

        • V
          viragomann @koren
          last edited by Jun 10, 2021, 7:40 PM

          @koren
          There is no need to block anything on LAN or VPN interface, since pfSense blocks any by default.

          So what have you done so far? Do you already have a vpn up and connected?
          You need to provide details regarding your problem.

          • K
            koren @viragomann
            last edited by Jun 10, 2021, 7:58 PM

            @viragomann
            OK, listen.
            I want to block all communication from outside my network (pfSense)
            and enable everything from the VPN client.
            This pfSense is a firewall on a cloud.
            I'm connecting to this firewall with VPN and transferring all my network through this firewall, and this firewall saves me from DDoS and anything else.
            The VPN connection is up and connected but I still can't ping the server itself and can't connect to the GUI. Now you understand?
            I want to allow all communication if it goes from the VPN to the server.

            • V
              viragomann @koren
              last edited by Jun 10, 2021, 8:09 PM

              @koren said in Help with filtering from communications from outside the network.:

              The VPN connection is up and connected but I still can't ping the server itself and can't connect to the GUI.

              Which type of vpn?
              Are the routes set correctly on the client when the vpn is connected?

              • K
                koren @viragomann
                last edited by Jun 12, 2021, 3:00 PM

                @viragomann
                Routes? Bro, I'm connecting from my router GUI; I have an option for this.
                I can do everything except ping the server and connect to the GUI while connected to the VPN.
