Thread: SSH LAN access only
View Single Post
  #1   (View Single Post)  
Old 3rd August 2016
bsdsource bsdsource is offline
Port Guard
  
Join Date: Apr 2014
Posts: 34
Default SSH LAN access only
I would like to enable ssh but only allow a specific LAN client to access the server. Below is my setup:

Code:
             internet
                |
                |
           cable modem
                |
                |
  ----  dynamic wan ip (em0) ----
 |                               |
 |          openbsd              |
 |                               |
  ----- 10.255.255.1 (em1) -----
                |
                |
       wireless access point
           10.255.255.2
                |
                |
       --------------------
      |                    |
      |                    |
 10.255.255.100     10.255.255.101
   desktop              netbook

I would like to allow 10.255.255.101 to access the ssh server. Obviously this is LAN access only so I don't want any possible access to the ssh server from the internet. Could someone assist with providing a suggestion on a pf rule or rules to help me accomplish this. The wireless access point isn't doing any packet filtering. Thank you.
Reply With Quote