VLAN / Firewll config on router or just use sys-firewall
50 views
Skip to first unread message
John Smiley
Dec 26, 2018, 3:52:28 AM12/26/18
to qubes-users
Does it make sense to configure a VLAN and associated firewall rules in an external firewall like pfsense or can the same thing be accomplished with Qubes firewall rules?
John Smiley
Dec 26, 2018, 3:55:24 AM12/26/18
to qubes-users
On Wednesday, December 26, 2018 at 12:52:28 AM UTC-8, John Smiley wrote:
> Does it make sense to configure a VLAN and associated firewall rules in an external firewall like pfsense or can the same thing be accomplished with Qubes firewall rules?
> Does it make sense to configure a VLAN and associated firewall rules in an external firewall like pfsense or can the same thing be accomplished with Qubes firewall rules?
For the purposes of isolating Qubes traffic on your home network...
unman
Dec 26, 2018, 5:20:15 AM12/26/18
to qubes-users
a number of different scenarios that wood fit that description.
You can certainly use Qubes firewall rules to restrict some qubes to
certain IP addresses, or ranges. The simplest way would be to put another
fw in place and have localnet deny rules for that fw: then allocate
qubes per fw.
If that doesnt fit your scenario, some more detail?
John Smiley
Dec 27, 2018, 9:36:01 PM12/27/18
to qubes-users
Got on IRC chat with some Whonix folks and got the answers I needed for this.
To clarify, I wanted to know if there is any benefit to configuring pfsense (or any firewall/router) so that each Qubes box is on its own VLAN. The answer I got was yes. One such benefit would be to make it more difficult for an attacker to jump from my son's Win10 box, which has god knows what installed on it, to my Qubes systems.
Reply all
Reply to author
Forward
0 new messages