Denying internet access to clients with static ip



  • need some inputs on these guys,

    i have pfsense release one up and running with no problem here in our office, two adjacent offices are asking if we could give them internet access too, as much as i would like to add another nic just for them, i can't because of hardware pci limitations, it only allows 3 nics. so i decided to install another pfsense just for them, my question is how do i deny access to clients not assigned by dhcp if e.g. some clever user decided to use static ip address to bypass the dhcp server? i know the dhcp server is capable of denying unknown clients but what if the user assigned a static ip, how do i block his/her connection?

    TIA



  • Enable static ARP entries at the dhcp server settings screen. Beware, by turning this on only machines listed in the mac adress list at the bottom of this page will be able to communicate with the pfsense and thus configure it.



  • @hoba:

    Enable static ARP entries at the dhcp server settings screen. Beware, by turning this on only machines listed in the mac adress list at the bottom of this page will be able to communicate with the pfsense and thus configure it.

    this is exactly what i wanted to happen, i just need to give access to two clients, thanks hoba.


Log in to reply