Clients can not access internet



  • Hello,

    this is probably something very simple, but I cannot find a solution even after a couple of hours…

    I just installed pfSense on ALIX. Everything seems to be OK.

    The problem is that I want clients to access only the internet from their browsers (for the beginning).
    I thought that it should work when I set up a LAN rule like this:
    Source: Lan net
    Protocol: TCP
    Port: any
    Destination: any
    D. port: 80

    but it does not work. Clients can access internet only with this rule:
    Source: Lan net
    Protocol: any
    Port: any
    Destination: any
    D. port: any

    OR with an Easy Rule that I created from the log
    Source: 192.168.1.37 (client IP address)
    Protocol: TCP
    Port: any
    Destination: 92.122.253.55 (some web page)
    Port: 80

    I attach a picture; you can see some other rules there, as I am playing with the setup.

    Thank you in advance for any help.




  • The rules are processed top down (as is explained in the documentation if you take the time to read it ;) ). As such this means the default pass all rule wins each time until you disable it.



  • If you're only permitting TCP 80, you're blocking DNS (TCP/UDP 53), which means nothing will work.



  • @cmb:

    If you're only permitting TCP 80, you're blocking DNS (TCP/UDP 53), which means nothing will work.

    Thank you very much! This is a direction that helps me. There will probably be more to set up, because I tried to allow DNS on the LAN interface and some pages are not working, but I believe that I will do it.



  • It works now, really only 2 ports need to be allowed, 80 and 53. I do not know why it did not work before, maybe some cache (?)
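
The two points made in the replies above (rules are processed top down, and a TCP 80 only rule leaves DNS blocked) as an added example that is not part of any post in this thread: a simplified first-match model in Python, not pfSense's own code. It matches only on protocol and destination port, assumes unmatched traffic is blocked, and the rule sets and the port 25 probe are constructed for illustration.

```python
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Rule:
    action: str            # "pass" or "block"
    proto: Optional[str]   # "tcp", "udp", or None for any
    dport: Optional[int]   # destination port, or None for any

    def matches(self, proto: str, dport: int) -> bool:
        return self.proto in (None, proto) and self.dport in (None, dport)


def evaluate(rules: List[Rule], proto: str, dport: int) -> str:
    """Walk the rules top down; the first match decides, no match is blocked."""
    for rule in rules:
        if rule.matches(proto, dport):
            return rule.action
    return "block"


def can_browse(rules: List[Rule], dns_proto: str = "udp") -> bool:
    """A browser needs a DNS lookup (port 53) before it can connect to TCP 80."""
    dns_ok = evaluate(rules, dns_proto, 53) == "pass"
    http_ok = evaluate(rules, "tcp", 80) == "pass"
    return dns_ok and http_ok


# Constructed LAN rule sets mirroring the thread (source LAN net, destination any).
HTTP_ONLY = [Rule("pass", "tcp", 80)]
HTTP_AND_DNS = HTTP_ONLY + [Rule("pass", "tcp", 53), Rule("pass", "udp", 53)]
# A pass-all rule left enabled above the narrow rule decides every packet first.
PASS_ALL_ON_TOP = [Rule("pass", None, None)] + HTTP_ONLY

if __name__ == "__main__":
    for name, rules in [("HTTP only", HTTP_ONLY),
                        ("HTTP + DNS", HTTP_AND_DNS),
                        ("pass-all on top", PASS_ALL_ON_TOP)]:
        print(f"{name:16} browse={can_browse(rules)!s:5} "
              f"tcp/25={evaluate(rules, 'tcp', 25)}")
```
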

