Differences

This shows you the differences between two versions of the page.

--- pfsense:install_pfsense:create_firewall_aliases [2020/12/04 13:12] – [Define Alias for Chromecast Ports] peter
+++ pfsense:install_pfsense:create_firewall_aliases [2022/10/20 09:07] (current) – [Define Alias for Printers] peter
@@ Line 15: / Line 15: @@
 Click **Add**.
-  * Name = LOCAL_SUBNETS
+  * Name:  **LOCAL_SUBNETS**.
-  * Description = local subnets
+  * Description:  **local subnets**
-  * Type = Networks
+  * Type:  **Networks**.
-  * Network = 192.168.0.0
+  * Network:  **192.168.0.0**.
-  * CIDR = 16
+  * CIDR:  **16**.
-  * Comment = LAN (192.168.0.0 - 192.168.255.255)
+  * Comment:  **LAN (192.168.0.0 - 192.168.255.255)**.
 Click **Save**.
@@ Line 34: / Line 34: @@
 ----
+===== Define Alias for Printers =====
+Create an alias to define the printers we are using.
+Navigate to **Firewall -> Aliases -> IP**.
+Click **Add**.
+  * Name:  **PRINTERS**.
+  * Description:  **local subnets**
+  * Type:  **Host(s)**.
+  * Network:  **192.168.1.100**.
+  * Comment:  **HP Officejet Pro 8620**.
+Click **Save**.
+<WRAP info>
+**NOTE:** This alias will be used in firewall rules to grant users of other VLANs access to the Printers:
+</WRAP>
+----
+<WRAP center round todo 60%>
+The other aliases below here still need to be worked out properly, so ignore for now.
+</WRAP>
+----
 ===== Define Alias for Ubiquiti =====
@@ Line 113: / Line 142: @@
   * Ports(s):
     * 8008, 8009 : Chromecast Ports.
+    * 8443 : Required for the Google Home app on Android.
 ----
@@ Line 122: / Line 152: @@
   * Type:  **Ports**.
   * Ports(s):
-    * 5353, 5556, 5558 : Discoverable.
+    * 1900 : SSDP.
+    * 5353 : Bonjour services/discovery.
+    * 5556, 5558 : Videostream Ports.
+    * 32768:61000 : Chromecast Ports.
 <WRAP info>
-**NOTE:**  Chromecast uses UDP ports 32768-61000 once connected.
+  * Allow both TCP ports 8008 and 8009 outbound to the Chromecast device.
+  * Allow high UDP ports both incoming and outgoing. "High ports" are the local ports usually ranging 32768-61000.
-TCP port 8443 is required for the Google Home app on Android,
+  * Allow the special SSDP packets outbound (which is UDP traffic to the multicast IP 239.255.255.250, destination port 1900) which is used to check for other Google devices in the same network.  Google devices reply with the Source IP to this packet.
-Might need to allow special SSDP packets outbound (which is UDP traffic to the multicast IP 239.255.255.250, destination port 1900).   Chromecast app should send information over SSDP if it wants to discover the Chromecasts in the network.  The Chromecast should then reply to the source IP it was given.
 See:  https://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/7-6/chromecastDG76/ChromecastDG76.html
-^Name^Port^Protocol^
-|Allow Chromecast Outbound|32768-61000|TCP|
-|:::|8008-8009|TCP|
-|Chromecast SSDP|1900|UDP|
-|Chromecast Inbound|32768-61000|UDP|
 See:  https://help.ui.com/hc/en-us/articles/360001004034-UniFi-Best-Practices-for-Managing-Chromecast-Google-Home-on-UniFi-Network
@@ Line 237: / Line 262: @@
 </WRAP>
+----
+Return to [[PFSense:Install pfSense|Install pfSense]] or continue to [[PFSense:Install pfSense:Create Firewall Rules|Create Firewall Rules]].
+----