Blocking Access To Certain IP Addresses
Good Afternoon Forum pfSense!
I have a problem and would like to share with you!
The following is!
I have a router that is connected to pfsense firewall and would like to make it a hostpot for clients to access free internet.
I want nothing from Radius something so simple as an open wireless network!
So I want to set for all clients connected by the router (which has a wan ip in the firewall) could not have access to certain machines the company …
What are the servers!
Is there any way for me to accomplish this lock without taking the internet?
And another would also limit the Internet bandwidth of this router?
How to do it?
Sorry for the strange English and I'm already using google translator that no one answered the Brazilian support.
How many pfSense interfaces (including VLANs) are you committing to this? One for LAN and one for GUEST or are you just trying to put the wifi router's WAN port on your LAN?
Sorry I'm kind of layman and now that implemented the pfsense on my network, more come on!
I put the network cable into the router's WAN! And it gets an IP address on the network that is 192.168.3.53 and it manages customers and such in his subnet.
Then I would like to block access to servers that ip ips there that give block someone malicious in open network, you know?
Thank you for responding so quickly! :)
That will have to be done in your Wi-Fi router.
Damn, but on the router by default options are very vague I would have to install a third party firmware (dd-wrt) to do this.
More there is some method to create it?
Not sé I created a group on aliases and to block there?
No. Traffic from the WAN port of the Wi-Fi-router to other hosts on pfSense LAN will never go through pfSense. Same-subnet traffic does not go through the router.
Make two interfaces on pfSense. Put the Wi-Fi on one and LAN on another. Then you can filter as much or as little traffic between the subnets as you like.
I think you're not understanding me right (excuse the rudeness) I think I'm expressing myself poorly.
I will try to show how my network is configured:
You see this here?
My router is in "Computer Lab" that is behind the switch and is being regulated by pfsense, yet I could not block the router ip access (192.168.3.53) ips to the servers that are in the "Teacher" room ?
It would have to be done in the access point or in the switch. That traffic will never go to pfSense.
More router gateway and the pfsense!
So by logic all traffic on my network go through it right?
Then I wanted to filter this traffic in that sé he comes addressed to the ip of the server it passes not understand?
No. I guess I don't understand. You don't seem to want to hear the correct answer based on your diagram.
But I think the router does not have this option!
Does utliziação third party firmware have this option? How dd-wrt or OpenWRT?
And you know the technical name for this?
No idea. This isn't a dd-wrt forum.
I told you what to do. Put it on separate interfaces on pfSense.
Ok, not prescisa be 'aggressive'. :P
How do I configure separate interfaces and only connect my router to it?
You might want to ask that basic question in the Portuguese/Brazilian forum.
ok,thanks for support.