Securing pfsync
-
Hello all.
Sitting here with an issue/question.
Testing out pfSense to see if it can be used in my workplace network. The issue I got is if you make a dedicated network for pfsync will you have to place a block on all lan networks to the sync network to secure it from spoofing?
Regards
Chris
-
You can just use rules on the pfsync interface to only allow from the pfsync subnet as a source.
pf is smart enough to not forward spoofed packets if they enter the "wrong" interface.