In a corporate network without DHCP, the temporary solution to whitelist a couple of useful sites is to change the hosts file under Windows/System32/drivers/etc/ but since modern sites tend to change their IP very often and also taking into consideration that there are many client PCs, trying to keep hosts file updated is not the way to go.
So, we decided to place a pfSense firewall between the router and the rest of the network in order to create two whitelists, one for admins and one for clients, and then assign each whitelist to a group/range of IPs. For example the administrators whitelist to the range between 10.10.10.0 - 10.10.10.50 and the significant smaller whitelist of clients to the range of 10.10.10.51 - 10.10.10.255
In addition there is the need of load balancing, and in particular, of giving priority to the clients.
So, to narrow down the question a bit, i'd like to know
- Is pfSense the right tool for such a job? if not what is your suggestion?
- If yes, is pfSense able to accomplish that as is, or do i have to also install Squid?
- I can't find an obvious way to create whitelists and ip groups and relate those two, what is the right way to do it?