How to block internal (192.168.X.X) ips for only on device


my girlfriend user Openvpn for her home office. Later that week i checked the logs for my Truenas sever and i found out, that several faild login attempts where made from her NB(ip). She did not do it, so im guessing someone in the openvpn network, which she uses for work, is the “attacker”.

How can i limit the access for that client ? I tried blocking the ips in the firewall, but if i do that i can still ping them.

Ipfire config - only a Red/ Green Nic - and the DHCP feature.

best regards proccpuinfo