Internal client security



  • Hi,

    I got pfSense :) and using CP
    So there is WAN and LAN, clients which connected to LAN can access internet after successfully AAA etc.

    I got one network for LAN (in my case 10.64.160.0/22) so users can reach eachother

    Is it possible restrict it? Clients will access only pfSense not each other

    Thanks



  • pfSense can only restrict traffic that passes its interfaces. If you have just a single LAN interface traffic from one LAN host to another won't pass pfSense and couldn't be impacted.

    However, you can realize your goal by using VLANs and putting each client in a separate VLAN if your switch(es) supports this and if the setup isn't too complex for you.



  • Hi,

    Thanks for reply.
    I have to point that my LAN interface on pfSense is DHCP enable and rest clients get IP address from it


Log in to reply