Firewall question



  • I wonder if anyone can confirm if PFSense can offer the following

    Wan Public IP
    Lan Public IP Subnet /24

    Lan servers get IP4 static public IP directly on the device.

    Solution needed
      if anyone externally tries to login to a server hosted on the lan interface with incorrect username / passwords for a set amount of times then put the offenders IP in a black list and block all future requests for that IP Address?



  • pfSense cannot know if the username and password used at login on the server are correct or not.

    However, you may generate a blacklist of dirty IPs on the server and use this in a firewalls rule for blocking traffic.



  • Hi,

    just put the servers in the DMZ and forward the services you need from the public IP to the server one.
    The authentication should be provided by the server.