Netgate SG-1000 microFirewall

Author Topic: Guest LAN block web management and SSH management access  (Read 111 times)

0 Members and 1 Guest are viewing this topic.

Offline Bigozz

  • Newbie
  • *
  • Posts: 4
  • Karma: +0/-0
    • View Profile
Guest LAN block web management and SSH management access
« on: November 22, 2017, 03:30:26 pm »
Hi all,

I have created a new Guest Network PFsense Router.  I have manged to block access to my Main LAN and Wifi LAN.

I have a need to block any block access to the web management and SSH management ports  guest network but still allow internet access.

Please my rules below
 
Firewall" border="0
<a target='_blank' href='https://imgbb.com/'>tumblr image hosting[/url]


Can any please advise on how to block web management and SSH management access

Offline viragomann

  • Hero Member
  • *****
  • Posts: 2542
  • Karma: +269/-1
    • View Profile
Re: Guest LAN block web management and SSH management access
« Reply #1 on: November 22, 2017, 04:13:28 pm »
Pack all your internal subnets (Guest also) into an alias and use this as destination with "invert" checked in your allow rule for guests.

Or even better in my opinion, add all RFC1918 networks to an alias and use this one instead. So you haven't to care if you add or change a network in the future.