Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Blocking LAN to WAN necessary?

    Scheduled Pinned Locked Moved Virtualization
    1 Posts 1 Posters 999 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      Cmellons
      last edited by

      From a pentesting article that I read someone had recommended that I make a Lan rule like this.
      Block any Lan net to any Wan net

      Since I am using virtualbox with pfsense to protect my windows installation. How true is that? I've always wondered about the ip of the virtualbox itself. Let's see, pfsense dhcp's an ip from my external router, then it has to pass through on the WAN side of my pfsense virtual machine installation and then I have another ip address in which I go out from the Lan to the internet. Doesn't pfsense already block from private networks and such or in my configuration is that incorrect since I have to dhcp an ip from a private network?
      With 3 ip addresses involved you could see how I might be concerned. The one that bothers me the most is the standard virtualbox ip address of 192.168.56.1 which I will change eventually. The other two addresses come from the pfsense 10.0.0.0/8 and external router 172.0.0.0/12 subnets.
      I thought about it a little bit more and I suppose that the virtualbox ip address is hidden from external view.

      Modified recently because I didn't want to revive an old thread by creating a new reply.

      There is actually nothing to worry about because it doesn't even get an IP from pfsense and the dns servers are both blank. Plus there is no gateway. So I'm pretty sure that the virtualbox adapter is harmless with the way it's set and it still allows me to rdp to the console.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.