Hello, I am very new to pfSense, but with the help of your YouTube videos I managed to set up a pfSense firewall with NordVPN, Snort, pfBlockerNG, 8x OPT interfaces, bridgelan for all the interfaces, UniFi UAP AC Pro, TP-Link switch, and an ASUS RT-AC68U. Yes, it's a bit of overkill, but I had a bunch of stuff lying around and I wanted to learn about pfSense. I also have Home Assistant running with lots of IoT devices.
I have a DHCP server set up running them all right now because I just want to get everything working, and I wanted to figure things out by applying some of your settings and rules.
I figured out most rules with everything going out the NordVPN interface. The issue is that some of the devices can't get to the internet even though devices that are on the same network can get out to the internet.
Example:
I have an ecobee smart thermostat that can hook up to the local network through the UniFi AP but can't see the internet. I looked in the log view and recognized that the ecobee talks back to ecobee.com 216.220.52.141 port 8190 and created an easy rule pass. Did not work.
Second, I created an alias to try and get it to work with 216.220.52.141; still didn't work.
Third, I created a Snort pass list for 216.220.52.141 and the IP; still didn't work.
I set up everything with floating rules like in your video and I am getting Online status from both my WAN provider and NordVPN. Everything seems to be working behind the firewall, and most devices seem to be working.
How do I tweak devices like the ecobee to get to the internet, and where is the best place to create a whitelist for that particular device? All the interfaces can talk to each other right now, before I start locking things down.