Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Share internet with neighborhood without compromising security

    Scheduled Pinned Locked Moved Wireless
    2 Posts 2 Posters 2.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • V
      volkan
      last edited by

      I want to setup a pfsence box with 4 nics :

      1. WAN
      2. home network
      3. servers
      4. wireless

      with this i want to setit up in such way that wireless–>WAN is accesable for everyone but i want to cut off bandwitdh for every connection at 512kbps. At the same time i want to be able to use the wireless connection but be able to get on the rest of my network with a secure connection.
      Is this possible without comprimising security on my home network and servers??

      1 Reply Last reply Reply Quote 0
      • H
        hoba
        last edited by

        The only thing that is not doable is to have trafficshaping at more than 2 interfaces, so you can't limit the neighbours to only use 512kbps. For the rest create a block rule at the wireless interface to not allow access to the other suibnets but to wan. Enable the pptp server or enable mobile ipsec clients (depending on what you prefer, pptp is probably easier to set up and most os's support it out of the box whereas you most likely need an additional ipsec client when using ipsec). Then you can tunnel in to your other networks with your own wireless client whereas the others can't access your private subnets and also only see encrypted traffic from your notebook to these subnets.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.