4. To block or not block private networks and about gateways

To block or not block private networks and about gateways

  • C

    You know the option on the WAN connection for blocking private networks?

    I'm running pfsense virtually with virtualbox and my physical router is what it's getting the gateway from. So to me it would make sense to uncheck that, but also hovering in my mind is, could this allow something through that gateway that is undesirable?  I am still able to get internet either way. Just curious.

    0
  • P

    If there are no other rules on WAN then it makes no difference - the default unseen "block all" rule stops incoming connection attempts anyway.
    From the LAN side, you can access things in that in-between WAN subnet because the state is initiated from the LAN side, so whatever WAN rules you have or do not have makes no difference.
    It is only if you want some device to access from the in-between WAN subnet to pfSense (e.g. for diagnostic purposes) that you have to uncheck "block private networks" and then add rule/s to allow access.

    0
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy