4. PF 2.1 block rule - might be me but not working

PF 2.1 block rule - might be me but not working

  • M

    I've never had an issue on 2.0.1 on block rules but I was just looking and I needed to block the web port for my freepbx. I thought I had it blocked but I guess I hadn't

    I know that block rules go at the top and that's where I put this. The Ip in the destination is a IP Alias that's 1:1 natted to my internal addresses. What have I done wrong here.


    0
  • G

    Hi
    Just to clarify, is the IP Alias a defined virtual IP?

    0
  • M

    Yes I forgot to mention that!

    0
  • G

    Have you tried entering the private address that you are natting to?

    Also, is there a HTTPS port open that your browser may be trying automatically - that one has caught me out a few times!

    0
  • M

    I blocked the HTTPS ports and made the rules for also the lan private ip. What I didn't figure is why I needed to block the private ip when I block the external IP (virtual ip)

    Either way its working

    Topic Closed

    0
  • T

    Because NAT works before the firewall rules. To the firewall, it's not going to the external IP, but to the internal.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2019 Rubicon Communications, LLC | Privacy Policy