Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Security of Vlan on WAN with Send options

    Scheduled Pinned Locked Moved
    General pfSense Questions
    security vlan wan
    3
    19
    1.2k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • stephenw10S
      stephenw10 Netgate Administrator
      last edited by

      Their router will be doing exactly the same thing though.

      If you don't want to do that change ISP.

      johnpozJ 1 Reply Last reply Reply Quote 0
      • johnpozJ
        johnpoz LAYER 8 Global Moderator @stephenw10
        last edited by johnpoz

        @stephenw10 said in Security of Vlan on WAN with Send options:

        Their router will be doing exactly the same thing though.

        That was my point ;) hehehe - maybe I wasn't as clear as I wanted to be with my attempt at sarcasm ;) heheh should of added the /s tag I guess.

        I concur the device is possible doing the exact same thing, or maybe it has some generic auth they use for their devices.. Either way the only reason the user has any clue to this is asked the isp use their own device.

        Why don't you bring up your concerns of doing that with the ISP - and see what they say about it. BTW - not seeing any dhcp on my wan as of yet.

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.03 | Lab VMs 2.7.2, 24.03

        S 1 Reply Last reply Reply Quote 1
        • S
          srytryagn @johnpoz
          last edited by

          @johnpoz Where I am located there are no ISPs that make it easy to connect your own router. They all have some workaround needed.

          Thanks for settling my mind on this and sharing some info, again this is all a learning process for me I am less experienced than you.

          In the forum post there is one point where I am stuck. They say to send the options with priority 6, when I swapped the prority on the Vlan to 6 my speed dropped a lot. Is there a way to only send that traffic with priority 6 and all other WAN traffic with priority 0 ?

          stephenw10S johnpozJ 2 Replies Last reply Reply Quote 0
          • stephenw10S
            stephenw10 Netgate Administrator @srytryagn
            last edited by

            @srytryagn said in Security of Vlan on WAN with Send options:

            Is there a way to only send that traffic with priority 6 and all other WAN traffic with priority 0 ?

            No, not via any easy method. You might be able to do something with netgraph scripting but it would take some development effort.

            If it's working fine for you using prio 0 I would stick with that.

            Steve

            S 2 Replies Last reply Reply Quote 0
            • johnpozJ
              johnpoz LAYER 8 Global Moderator @srytryagn
              last edited by johnpoz

              @srytryagn so that capture has been running for a while this is all I saw

              No discover, not requests, acks just these naks

              dhcp.jpg

              One I can tell from the mac address is a netgear, and that last one is some belkin device.

              belkin.jpg

              But clearly they are doing some filtering, or I would of seen the requests or discovers those devices were sening - but all I saw was naks.

              An intelligent man is sometimes forced to be drunk to spend time with his fools
              If you get confused: Listen to the Music Play
              Please don't Chat/PM me for help, unless mod related
              SG-4860 24.03 | Lab VMs 2.7.2, 24.03

              1 Reply Last reply Reply Quote 1
              • S
                srytryagn @stephenw10
                last edited by

                @stephenw10 Thanks for taking a look and sharing this. How did you do it ? I am curious on my end to check as well.

                1 Reply Last reply Reply Quote 0
                • S
                  srytryagn @stephenw10
                  last edited by

                  @stephenw10
                  @johnpoz

                  What about if visiting websites or other internet connections, would they be able to see my login information?

                  johnpozJ S 2 Replies Last reply Reply Quote 0
                  • johnpozJ
                    johnpoz LAYER 8 Global Moderator @srytryagn
                    last edited by

                    @srytryagn no.. That login info is sent only via dhcp to your isp, to allow your router to get an IP.

                    An intelligent man is sometimes forced to be drunk to spend time with his fools
                    If you get confused: Listen to the Music Play
                    Please don't Chat/PM me for help, unless mod related
                    SG-4860 24.03 | Lab VMs 2.7.2, 24.03

                    1 Reply Last reply Reply Quote 1
                    • S
                      srytryagn @srytryagn
                      last edited by

                      @srytryagn Awesome. Thx.

                      1 Reply Last reply Reply Quote 0
                      • stephenw10S
                        stephenw10 Netgate Administrator
                        last edited by

                        And logins to other more remote sites will be encrypted with https or similar.

                        1 Reply Last reply Reply Quote 1
                        • First post
                          Last post