Rules Clarifcation
-
Hi All
I'm just trying to clarify something. Say my pfsense firewall has two interfaces public address is 1.2.3.4 and private address is 192.168.1.1
When I am creating a firewall rule, an option under source is lan address. Does lan address mean the interface address 192.168.1.1 or does it mean an address say 192.168.1.50 connected to the lan interface? -
In your case LAN address = 192.168.1.1
For 192.168.1.50 it must be "LAN Subnet" ( if you have an /24 )
Maybe if you explain what are trying to do ( some screenshot of the rules tab ), is easy to help / answer with your question.
Also you can take a look to the docs. http://doc.pfsense.org/index.php/Main_Page
-
Sure, I have a non-standard setup. I'm trying to replace sonicwall with pfsense :D (Some of my friends would be upset) but I do believe pfsense is more powerful. Please look at my little layout below.
65.x.x.x pfsense 10.20.20.2/30 ===> 10.20.20.1/30 (Router) 192.168.1.1/24 ====> users
(WAN) (LAN)I'm trying to access the pfsense webconfigurator which has 10.20.20.2 as it's lan address from 192.168.1.50/24 (users) and cannot. I figured the anti-lockoout rule would take care of this since that allows traffic from anywhere on ports 22, 80 and 443 to "lan address" I can ping 10.20.20.2 (pfsense) from 192.168.1.50. I can ping 192.168.1.50 from the pfsense box but I just cannot access the webconfigurator. I'm stumped.
-
All is good, I got it working. Thanks anyway.