Blocking a network device from communicating with another device on the LAN

firewall routing rules deny pfsense

Solution 1:

If two hosts are on the same subnet, the traffic has no reason to go through the router. Your rules are never being applied. The two devices are connected to a switch (or some other Layer 2 networking hardware). Host A says "I want this traffic to go to Host B's IP" and your switch says "Ok, done."

UPDATE: If VLANs are an option, put each host in a separate VLAN. This way, you can enforce routing rules between them and achieve the logical separation you want.

Related

Ubuntu Server 12.04 can access LAN but not internet
Are all SAS drives hot-swappable?
Running python app in the background on linux
What's so special about leased lines (T1, DS3, etc)
Theoretical situation regarding lost ssh keys
yum update kernel without removing old?
Apache running as root instead of user specified in httpd.conf
NAS device claims drive in a RAID is degraded but S.M.A.R.T. says it is fine
Completely format server for selling on ebay
tmpfs fills up, although hardly used. How can I debug this
AWS Storage Gateway without the "on-premises" part?
Debian error: ifup: couldn't read interfaces file "/etc/network/interfaces"