How to separate access between HTTP/HTTPS and POP3/SMTP in local LAN



  • Hi,

    I would like to separate the internet access of my local LAN using PFSense. Is it possible that one group can access email only but no internet browsing? Appreciate your help. Thanks



  • Yes - You can put in blocking rules on the lan per /32 (per machine).

    You do that by making the block rule and filling in the source IP you wish to limit.



  • It might be a bit quicker if you could create a couple of alias'es eg (Firewall, Aliases) one for web users and and one pop3/smtp users, then just add the ip address of each device you want to have what access.

    Then use the alias in the various rules you create.



  • Hi,

    Thanks for the good suggestions from you guys i really appreciate it.