How to implement schedule access restriction



  • I want to restrict access from WAN to a specific LAN address by adding a schedule to my firewall:rule.

    But creating a firewall:rule and adding my schedule to this rule doesn't seem to have any effect at all on the access from WAN side.

    Can anyone help me?



  • Post a screen or printout of the rule you created.



  • Screenshots.

    ![help 1.jpg](/public/imported_attachments/1/help 1.jpg)
    ![help 2.jpg](/public/imported_attachments/1/help 2.jpg)



  • I still need help.



  • If you're having trouble blocking something, why are you showing me a Pass rule?  ;)

    Also, could you provide a little more detail about your scenario?  For example, by default there is no access from WAN to LAN unless you have some port forwarding going on.  What is it that you're trying to do, exactly?


  • Is there NAT involved?  Is there a port forward rule?  How is the schedule configured?



  • @KOM:

    If you're having trouble blocking something, why are you showing me a Pass rule?  ;)

    Also, could you provide a little more detail about your scenario?  For example, by default there is no access from WAN to LAN unless you have some port forwarding going on.  What is it that you're trying to do, exactly?

    KOM, Please check PM.



  • You should be able to create a schedule, and then create a port forward from your public IP to your camera on LAN.  Then edit the NAT firewall rule to include your schedule.



  • I'm not getting it to work properly.



  • I've never tried it, just showing the way with my limited knowledge.

    How doesn't it work properly?  The block never kicks in, the block is always there, the block is random...?

    I think you're being too paranoid.  Put your content behind a password-protected web server or something, port forward it full-time and avoid scheduling altogether.



  • It's getting permablocked.

    I'm gonna try and reboot the pfSense firewall.



  • If you're really paranoid, install/configure OpenVPN and then VPN into your network and check your status there instead of having NAT rules on a schedule.  For all I know, there is a bug in 2.1.x that is biting you.  If all else fails, try the 2.2 beta.  I'll see if I can find time to play with it tonight and check the Scheduler functionality.



  • I've got this working in my 2.1.5 home lab.  Can you show me your Schedule entry?