OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 18.1 Legacy Series »
  • How to block one client from accessing another
« previous next »
  • Print
Pages: [1]

Author Topic: How to block one client from accessing another  (Read 2260 times)

PimB

  • Newbie
  • *
  • Posts: 29
  • Karma: 1
    • View Profile
How to block one client from accessing another
« on: July 15, 2018, 11:47:16 pm »
I'd like to block TCP/UDP access from one client (192.168.2.10) tot a other client (192.168.2.30) wich has a webserver.

A simple block firewall rule from - to doesn't seem to work.

How can I achieve this?
Logged

mimugmail

  • Hero Member
  • *****
  • Posts: 6300
  • Karma: 434
    • View Profile
Re: How to block one client from accessing another
« Reply #1 on: July 16, 2018, 05:59:35 am »
Only with a Firewall on the second client.
Logged
Twitter: mimu_muc
WWW: www.routerperformance.net
Support plans: https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German): https://opnsense.max-it.de/

bartjsmit

  • Hero Member
  • *****
  • Posts: 1542
  • Karma: 166
    • View Profile
Re: How to block one client from accessing another
« Reply #2 on: July 16, 2018, 08:23:48 am »
You need to separate them at layer 2 or layer 3 to force them to go through the firewall. That means (respectively) putting them on different VLAN's or on different IP subnets, or preferably both.

Different subnets is easiest, since the firewall is a router out of the box. You will need to move the web server to a different firewall network interface with a separate switch. If you don't want to have multiple firewall interfaces and multiple switches, VLAN separation is the answer.

Bart...
Logged

PimB

  • Newbie
  • *
  • Posts: 29
  • Karma: 1
    • View Profile
Re: How to block one client from accessing another
« Reply #3 on: July 16, 2018, 08:41:52 am »
That's clear. Thanks to you both!
« Last Edit: July 16, 2018, 11:25:16 am by PimB »
Logged

  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 18.1 Legacy Series »
  • How to block one client from accessing another
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2023 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy
    | XHTML | RSS | WAP2