Wiki

User Tools

Site Tools

Trace:
pfsense:install_pfsense:create_firewall_aliases

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
pfsense:install_pfsense:create_firewall_aliases [2020/12/04 13:11] peterpfsense:install_pfsense:create_firewall_aliases [2022/10/20 09:07] (current) – [Define Alias for Printers] peter
Line 15: Line 15:
 Click **Add**. Click **Add**.
  
-  * Name LOCAL_SUBNETS +  * Name:  **LOCAL_SUBNETS**. 
-  * Description local subnets +  * Description:  **local subnets** 
-  * Type Networks +  * Type:  **Networks**. 
-  * Network 192.168.0.0 +  * Network:  **192.168.0.0**. 
-  * CIDR 16 +  * CIDR:  **16**. 
-  * Comment LAN (192.168.0.0 - 192.168.255.255)+  * Comment:  **LAN (192.168.0.0 - 192.168.255.255)**.
  
 Click **Save**. Click **Save**.
Line 34: Line 34:
 ---- ----
  
 +===== Define Alias for Printers =====
 +
 +Create an alias to define the printers we are using.
 +
 +Navigate to **Firewall -> Aliases -> IP**.
 +
 +Click **Add**.
 +
 +  * Name:  **PRINTERS**.
 +  * Description:  **local subnets**
 +  * Type:  **Host(s)**.
 +  * Network:  **192.168.1.100**.
 +  * Comment:  **HP Officejet Pro 8620**.
 +
 +Click **Save**.
 +
 +<WRAP info>
 +**NOTE:** This alias will be used in firewall rules to grant users of other VLANs access to the Printers:
 +</WRAP>
 +
 +
 +----
 +
 +<WRAP center round todo 60%>
 +The other aliases below here still need to be worked out properly, so ignore for now.
 +</WRAP>
 +
 +
 +----
 ===== Define Alias for Ubiquiti ===== ===== Define Alias for Ubiquiti =====
  
Line 113: Line 142:
   * Ports(s):   * Ports(s):
     * 8008, 8009 : Chromecast Ports.     * 8008, 8009 : Chromecast Ports.
 +    * 8443 : Required for the Google Home app on Android.
  
 ---- ----
Line 122: Line 152:
   * Type:  **Ports**.   * Type:  **Ports**.
   * Ports(s):   * Ports(s):
-    * 53535556, 5558 : Discoverable.+    * 1900 : SSDP. 
 +    * 5353 : Bonjour services/discovery. 
 +    * 5556, 5558 : Videostream Ports. 
 +    * 32768:61000 : Chromecast Ports.
  
  
 <WRAP info> <WRAP info>
-**NOTE:**  Chromecast uses UDP ports 32768-61000 once connected+  Allow both TCP ports 8008 and 8009 outbound to the Chromecast device. 
- +  * Allow high UDP ports both incoming and outgoing. "High ports" are the local ports usually ranging 32768-61000. 
-TCP port 8443 is required for the Google Home app on Android, +  * Allow the special SSDP packets outbound (which is UDP traffic to the multicast IP 239.255.255.250, destination port 1900) which is used to check for other Google devices in the same network.  Google devices reply with the Source IP to this packet.
- +
-Might need to allow special SSDP packets outbound (which is UDP traffic to the multicast IP 239.255.255.250, destination port 1900).   Chromecast app should send information over SSDP if it wants to discover the Chromecasts in the network.  The Chromecast should then reply to the source IP it was given.+
  
 See:  https://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/7-6/chromecastDG76/ChromecastDG76.html See:  https://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/7-6/chromecastDG76/ChromecastDG76.html
  
-^Name^Port^Protocol^ +See https://help.ui.com/hc/en-us/articles/360001004034-UniFi-Best-Practices-for-Managing-Chromecast-Google-Home-on-UniFi-Network
-|Allow Chromecast Outbound|32768-61000|TCP| +
-|:::|8008-8009|TCP| +
-|Chromecast SSDP|1900|UDP| +
-|Chromecast Inbound|32768-61000|UDP|+
  
 </WRAP> </WRAP>
Line 235: Line 262:
  
 </WRAP> </WRAP>
 +
 +----
 +
 +Return to [[PFSense:Install pfSense|Install pfSense]] or continue to [[PFSense:Install pfSense:Create Firewall Rules|Create Firewall Rules]].
 +
 +----
  
pfsense/install_pfsense/create_firewall_aliases.1607087484.txt.gz · Last modified: 2020/12/04 13:11 by peter
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki