Netgate Discussion Forum

    pfsense web secure access - not working

    • caymann

      I am using port 10443 for the web access.
      So https://192.168.1.1:10443 works fine and I can access pfSense.
      But https://pfsense.jondoe.com does not work.

      I am using a Let's Encrypt wildcard certificate for *.jondoe.com with DNS validation.
      This works well for web services exposed to the internet.

      But I only want to access https://pfsense.jondoe.com from within the LAN.
      Not interested in exposing it to the internet.

      I will use this access within the LAN or sometimes when I VPN into the network.

      I also use HAProxy.
      Backend: I created pfsense.jondoe.com as 192.168.1.1, port 10443, and named it pfsense.
      I chose no Encrypt and no SSL check, as it will be handled by the frontend.

      Frontend: I am using the LAN address as the listen address, port 443, SSL offloading checked.
      Access control list is (pfsense.jondoe.com) and actions (use backend = pfsense).
      Certificate is the wildcard from Let's Encrypt.

      But when I try https://pfsense.jondoe.com, I get connection is not secure and this page is not working.

      What am I missing here?
      thanks
      jim

      • chpalmer @caymann

        @caymann

        Does "https://pfsense.jondoe.com:10443" work? You need a firewall rule on your WAN interface for that..

        Triggering snowflakes one by one..
        Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.

        • caymann @chpalmer

          @chpalmer no that doesn't work

          • chpalmer @caymann

            @caymann

            Are you trying to reach it from an outside source or from your LAN? You probably need NAT reflection turned on if from your LAN..

            Triggering snowflakes one by one..
            Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.
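
Added example, not part of the thread and not pfSense or HAProxy code: a small Python check for the question raised in the last reply about where the request ends up. It classifies the addresses that pfsense.jondoe.com resolves to against the HAProxy frontend described in the first post; the /24 LAN prefix, the sample addresses and the function names are assumptions.

```python
import ipaddress
import socket

# From the first post: HAProxy frontend listens on the LAN address, port 443.
FRONTEND_IP = ipaddress.ip_address("192.168.1.1")
FRONTEND_PORT = 443
# Assumption: the LAN is a /24 around 192.168.1.1 (the thread gives no prefix).
LAN_NET = ipaddress.ip_network("192.168.1.0/24")


def classify(addr):
    """Say where one resolved address sends a LAN client."""
    ip = ipaddress.ip_address(addr)
    if ip == FRONTEND_IP:
        return "lan-frontend"      # lands directly on the HAProxy frontend
    if ip in LAN_NET:
        return "lan-other-host"    # stays on the LAN but misses the frontend
    return "outside-lan"           # leaves the LAN: WAN rules / NAT reflection apply


def diagnose(addrs):
    """Classify every resolved address and summarise the result."""
    kinds = {a: classify(a) for a in addrs}
    if not kinds:
        verdict = "name does not resolve"
    elif set(kinds.values()) == {"lan-frontend"}:
        verdict = "name points at the LAN frontend"
    else:
        verdict = "name does not point only at the LAN frontend"
    return kinds, verdict


def resolve(host, port=FRONTEND_PORT):
    """Return the addresses the local resolver gives for host (needs DNS)."""
    try:
        infos = socket.getaddrinfo(host, port, proto=socket.IPPROTO_TCP)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})


if __name__ == "__main__":
    # Constructed sample answers: an internal record and a documentation
    # address (203.0.113.10) standing in for a public WAN address.
    for sample in (["192.168.1.1"], ["203.0.113.10"], []):
        print(sample, diagnose(sample))
    # Live check from a LAN or VPN client:
    # print(diagnose(resolve("pfsense.jondoe.com")))
```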