Remote access



  • Is there a way to have the pfsense server only allow a certain domain through the firewall (port forward).  I cannot get a static ip address but am using a noip domain. This possible at all?


  • LAYER 8 Global Moderator

    If you are looking for secure remote acces why not just vpn in.  You have cert that allows u and only u in then can access what ever u want on your network behind pfsense



  • John's suggestion of using VPN is certainly always a good choice.

    However, to answer your original question- YES pfSense can do this. You need to go to Firewall > Aliases, and create a new alias for your allow list. Add your no-ip FQDN e.g. foobar.no-ip.com and save it. Now in your firewall rules, create an allow rule that passes traffic on your WAN interface(s) and set the 'source' to the name of your alias which should auto-complete when you start typing. Save and you should basically be good to go. The default refresh time for the firewall to update your dynamic IP is 300 seconds. You can adjust this up or down as needed by filling in a value for 'Aliases Hostnames Resolve Interval' on the System > Advanced > Firewall page.

    HTH!


Log in to reply