Nov 03, 2015

block private and bogon networks WAN rule : PFSENSE The bogon one is doing the same job for IPs that should not be on the internet, but aren't the common private ones. Things like 240.0.0.0/4 and other unallocated blocks. The reason they are separate is that if you have a pfSense behind another router, your pfSense might have its WAN interface using a private IP. Firewall — Bogons Firewall Table | pfSense Documentation Traffic from within these bogon networks should never be seen as coming from the Internet. This view will show the current list of bogon networks and offers a button which, when clicked, will cause pfSense to Download an updated bogon network list. The list will be updated automatically once per month. Block Private Networks From Leaving PFSense | Netgate Forum Create an alias for the networks you want to block. Call it, say, private_networks and include the following ranges: 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 (optionally include other non-public CIDR ranges like 169.254.0.0/16 and 127.0.0.0/8) Now add a new floating firewall rule under **Firewall > Rules, Floating tab *** Action: Reject. Quick Be carefull with "Block bogon networks" and CGN : PFSENSE

Install and Configure pfSense in Your Home Network

Setup a Guest Network — OPNsense documentation

Since my pfSense-box is sitting between a FritzBox and my local networks, I have unticked “Block private networks” since my gateway is in a private IP-address-range (10.0.0.X/24). I still wonder why my setup was working initially because as I understand this option, it …

May 03, 2015 [IPv6] pfSense - Anybody else having issues? - Comcast Oct 31, 2013 Install and Configure pfSense in Your Home Network The “MAC Address” field under “General configuration” can be used to enter a MAC address that will pose as the MAC address of your WAN interface NIC. The “Block RFC1918 Private Networks” and “Block bogon networks” sections are selected by default in order to block invalid traffic from entering your network.