Allow Internet access only for DHCP/static (pfSense) assigned IP addresses
-
I am wondering if there is a way to only allow Internet access to devices that have assigned IP addresses? I don't want to use whitelists, but I do want to only allow devices that have IP addresses assigned by pfSense either from static mappings or the DHCP server to access the Internet.
-
Hi,
need more details about you setup ( one LAN interface or more ) but did you check at Services: DHCP server
options:
Deny unknown clients
Enable Static ARP entries
and also
set pass rule in your interface to pass traffic only from that interface network ?
-
Create an alias to populate your static (allowed) IPs with. Set your static DHCP mappings to your allowed devices and amend the Default-to-any rule to allow traffic from just the alias you created earlier.