Pfsense firewall rule to block webconfigurator not working?

privacymatters · September 18, 2021, 2:11am

Hi!
I was pretty happy with my killswitch/openvpn/pia/pfsense life but I guess the new update or something changed everything. As a side note, for the last year or so the VPN killswitch on my phone had stopped working so its deliberate for sure.

I used the firewall rule to block access to my webconfigurator on the OPT interface (i have the SG1100 with three interfaces). This kept me pretty safe but now I can’t use a killswitch or block access to my webconfigurator from the OPT interface. Does anyone have any helpful advice?
I tried:
block the ‘my firewall’ in destination(it doesn’t let me put in the port number)
pass everything but ‘my firewall’) in destination
block the NAT on the LAN interface
pass everything but the NAT on the LAN interface.

If someone’s already answered this or there is a recent video with a demo workaround I apologize.

I also want to thank Tom and his community. I was in a serious pickle as a target and the videos allowed me safe internet for six months! Keep up the great work, you’re heroes for privacy!

LTS_Tom · September 18, 2021, 11:01am

Under the firewall rules of the subnet you want to block create a block rule with the destination of “This Firewall” choose TCP and then the port number of the web interface.

privacymatters · September 18, 2021, 4:46pm

Thank you! That worked! I’m new at this so a mistake I made was refreshing on the same browser window and network. When I refreshed the DHCP assignment and didn’t use a precached session it was blocked as I needed it to be.

I’m going to be honest…I’m a bit leery of nethate’s pfsense + version but it looks like it’s the only supported one. I had a buffer attack on my sg1100 and the VLANs were altered prior to upgrading from 2.4.5