Microsoft Virtual IP's and Connectify
-
So I ran into an issue,
it looks like you can download this connectify application and setup your laptop as a hotspot.
Here is my issue having additional machines on the network thru a virtual network example: 192.168.61.0/24…...
I am trying to figure out if there is a way of blocking this thru pfsense using either packages that can be installed, or any other means..
I have tried using firewall rules to block 192.168.61.0/24, but that did not work....
Here is an example of what is configured once you connect a device using connectify application:
Wireless LAN adapter Wireless Network Connection 2:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : D0-DF-9A-XX-XX-XX
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::cc05:a376:b61f:1fee%15(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.61.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 449896346
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-C9-5A-CA-D0-DF-9A-XX-xx-XXDNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : EnabledI know that it is using or following the rules setup in the firewall because I have blocked websites based on IP addresses and even if I connect to this connectify application hotspot that piggybacks of the physical wireless card on the machine it cannot access sites I have blocked based on ip addresses.
Any help anyone can provide would be great!!
Thank You.
-
So this is an application that turns a laptop into router complete with NAT and dhcp?
What you're really asking is can you block downstream NATed traffic. Not easily.Steve
-
Yes it turns the laptop or desktop into a router…
I guess there is no way right now???
-
The application will NAT the traffic from the back-end network it creates, so that it all gets a source IP address of the laptop's normal LAN IP. You can only firewall it based on the same rules you have in place for the laptop itself.