Block internal website *NEED SOME HELP*

  • Hello,

    This is my setup:

    Internet ---> ISP Modem/router ---> pfSense v1.2 Beta ---> Netgear GS724T gigabit switch with all hosts connected.

    Some IPs:

    ISP modem/router:
    pfSense WAN:
    pfSense LAN:
    Hosts:     >

    The ISP modem/router has a webgui with very low protection. It is possible to change settings without entering a password. Only for some ‘advanced’ features you’ll need a password.

    I want to block access to the webgui of the modem/router I got from my ISP.
    I have set up a rule like this and placed it above the default rule on the LAN interface:

    Proto:          TCP
    Source:          *
    Port:          *
    Port:          *
    Gateway:          *
    Schedule:          *
    Description:          *

    Correct me if I am wrong but this should block any host, with the TCP protocol, from any port source port to (any destination port).

    I think the problem is that this router is the gateway / dns for my pfSense system.
    Could someone explain to me how this can be blocked?
    If you need more info, feel free to ask!

  • Bump!  ;)

    Is the question too difficult or do you need more information?

  • Hello!

    I think your IP ranges are not correct. You must use a subnet for your WAN (pfSense WAN + LAN side of your ISP router) and another subnet for your LAN (pfSense LAN + switch + computers).

    After making the changes you can block any packet from LAN net to WAN net and your router will be inaccessible.


    Josep Pujadas

  • This actually works with the same subnet on both sides? Is this a bridge, or..?
