ASK Create Access Rule LAN with Range IP
-
Hi,
I'm sorry if repost. I'm newbie
I want to ask, how to create rule access for LAN by Range IP?
Because, I don't found create LAN by Range IP, I just found by subnet.
Example :
192.168.1.20-192.168.1.50 = for Server
192.168.1.60-192.168.1.100 = for Staff
192.168.1.110-192.168.1.130 = for BODCan I create Lan Network by Range IP like other firewall?
Thanks,
-
Use "Aliases" (Firewall –> Aliases --> Networks) ;)
Networks are specified in CIDR format. Select the CIDR mask that pertains to each entry. /32 specifies a single IPv4 host, /128 specifies a single IPv6 host, /24 specifies 255.255.255.0, /64 specifies a normal IPv6 network, etc. Hostnames (FQDNs) may also be specified, using a /32 mask for IPv4 or /128 for IPv6. You may also enter an IP range such as 192.168.1.1-192.168.1.254 and a list of CIDR networks will be derived to fill the range.
-
Hi,
Thank you for reply,
but we can't create Network by Range IP, Right!
We must input one by one, can't 192.168.1.40-192.168.1.120.
I hope PFSense for the future can create that like other firewall.Thanks,
-
Aa.Fikry28, please read again the excellent advice that have already been given to you by ptt.
If you add a network alias you can specify the range as 192.168.1.40-192.168.1.120 and the appropriate networks to cover your selected range will automatically be created:
192.168.1.40/29, 192.168.1.48/28, 192.168.1.64/27, 192.168.1.96/28, 192.168.1.112/29, 192.168.1.120/32 -
An even better alternative is to group your hosts on netmask boundaries. If you were to use a /27, for instance, you could refer to the group of hosts from 192.168.1.32-192.168.32.63 with the single mask 192.168.1.32/27, the hosts from 192.168.2.64-192.168.1.95 with 192.168.1.64/27, etc.
