Re: [pfSense Support] seperation of network
That's the way I do it - IIRC, you may have to set up the 'allow' for that subnet to go out, but you will definitely need to set one up to deny from them to LAN (or some subset thereof). The nice thing is that I have my own ISC DHCP/BIND setup on my LAN, but I can just let pfSense take care of that other subnet so they're completely isolated. On 3/13/06, Jason [EMAIL PROTECTED] wrote: Hi Holger, Thank you for quick reply. So do I have to actually add a physical NIC, and assign another internal ip and subnet for it, and then put rules to allow in firewall? Jason - Original Message - From: Holger Bauer [EMAIL PROTECTED] To: support@pfsense.com Sent: Monday, March 13, 2006 2:24 PM Subject: RE: [pfSense Support] seperation of network Yes, add an OPT1 interface and create one pass rule to allow all traffic to destination not lansubnet. Holger -Original Message- From: Jason [mailto:[EMAIL PROTECTED] Sent: Monday, March 13, 2006 7:05 AM To: support@pfsense.com Subject: [pfSense Support] seperation of network Hi, I need to let some of our guests to use our broadband, but I'm concerned about security. Can I force them to use a different subnet other than my Lan? It seems that vlan is doing such a function, but buying an expensive switch is not an option for me. What else can I try? Can I add another cheap NIC and another cheap hub for the job? Thanks for help. Jason Virus checked by G DATA AntiVirusKit - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] seperation of network
Yes, add an OPT1 interface and create one pass rule to allow all traffic to destination not lansubnet. Holger -Original Message- From: Jason [mailto:[EMAIL PROTECTED] Sent: Monday, March 13, 2006 7:05 AM To: support@pfsense.com Subject: [pfSense Support] seperation of network Hi, I need to let some of our guests to use our broadband, but I'm concerned about security. Can I force them to use a different subnet other than my Lan? It seems that vlan is doing such a function, but buying an expensive switch is not an option for me. What else can I try? Can I add another cheap NIC and another cheap hub for the job? Thanks for help. Jason Virus checked by G DATA AntiVirusKit - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] seperation of network
Hi Holger, Thank you for quick reply. So do I have to actually add a physical NIC, and assign another internal ip and subnet for it, and then put rules to allow in firewall? Jason - Original Message - From: Holger Bauer [EMAIL PROTECTED] To: support@pfsense.com Sent: Monday, March 13, 2006 2:24 PM Subject: RE: [pfSense Support] seperation of network Yes, add an OPT1 interface and create one pass rule to allow all traffic to destination not lansubnet. Holger -Original Message- From: Jason [mailto:[EMAIL PROTECTED] Sent: Monday, March 13, 2006 7:05 AM To: support@pfsense.com Subject: [pfSense Support] seperation of network Hi, I need to let some of our guests to use our broadband, but I'm concerned about security. Can I force them to use a different subnet other than my Lan? It seems that vlan is doing such a function, but buying an expensive switch is not an option for me. What else can I try? Can I add another cheap NIC and another cheap hub for the job? Thanks for help. Jason Virus checked by G DATA AntiVirusKit - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
