Configure pfSense Firewall - Flowroute
Firewall — Firewall Rule Best Practices | pfSense Aug 05, 2019 How to define firewall rules on pFSense | IT Blog Smart idea would be to disable default ALLOW ALL traffic rules– you should remove default LAN firewall rules created by pFSense and define only ports you would like to use – only that way you can block unwanted traffic and better control your LAN-> WAN traffic. pfSense Series: Firewall Rules - Intense School Mar 08, 2016
Apr 03, 2020
May 03, 2017
a - leave the WAN port to default DHCP. Configure existing firewall such that DHCP address from PFSense WAN port is in a DMZ. b - configure the LAN port with a small subnet or same subnet and shut off DHCP on the LAN port. Note it is your preference on IPs of you subnet. An example would be the following. (here utilize Online IP Subnet calculator)
A good rule would be permit tcp 12.34.56.78 3389 WEB-SERVER1 (where 12.34.56.78 is the IP address of the administrator’s computer on the Internet). permit tcp any DB-SERVER1 3306 - Allows MySQL access from any source to the database. Database servers should never be exposed to the whole Internet.