Accessing web interface from internet.

kabeda

Hello,
At home, I have a Dlink DSL-2750U modem with a LAN IP address of 192.168.4.1 and a PC on which I installed pfsense 2.7.0 with a WAN IP address of 192.168.4.56 and a LAN address of 192.168.2.1.
I would like to access the pfsense web interface from outside (at work, for example).
How should I configure my modem and pfsense to access them? I can access the pfsense web interface at https://192.168.2.1:54870.

Thank you.

viragomann

@kabeda said in Accessing web interface from internet.:

I would like to access the pfsense web interface from outside (at work, for example).

Due to security reasons it's highly recommended to set up a VPN for this.

First of all you have to ensure, that you have a public IP (v4 or v6 if you use it, on the router / modem) and that it is accessible from the internet.
Then you can forward traffic from the router to pfSense.

SteveITS

Since it's a "work" situation the office may have a fixed/static IP which can be allowed by firewall rule. Though tbf that would allow anyone from that IP to attempt to log in, if they were aware they could. Worse case is to allow the entire Internet to connect.

Also, 2.7.0 is quite old. If you aren't seeing any later versions, read https://docs.netgate.com/pfsense/en/latest/releases/2-7-1.html#troubleshooting.

Gertjan

@SteveITS said in Accessing web interface from internet.:

Also, 2.7.0 is quite old. If you aren't seeing any later versions

@kabeda The latest version isn't really hiding, try for example www.google.com and enter :
pfsense latest version download
which will bring you straight to the original source from the authors : Netgate.
A bit like downloading a Windows ISO from a Microsoft web site, and not some the-pirate-bay.com.

kabeda

Hi everybody,
Since now, nobody answers to my question.

1. I don't mind if keep the 2.7.0 version.
2. I have a fixed/static IP.

However, has anyone managed to get what I'm asking to work?

Gertjan

@kabeda

The guy that had extensive "2.7.0" knowledge left .... or passed on to 2.8.1, I'm not sure. You'll find probably know one here still using that version
I was using 2.7.0 back in 2023, but there were issues, bugs, and as usual, these were fixed with more recent versions.

The good news is : accessing the GUI interface, from the pfSense WAN interface, is possible. You have to add a firewall rule on the WAN interface, that allows TCP traffic ports 80 and/or 443.

Btw : this 'solution' would be valid for every existing firewall out there, not only pfSense.

SteveITS

@kabeda said in Accessing web interface from internet.:

Since now, nobody answers to my question.

Yes we did:

VPN

firewall rule

[worst] case is to allow the entire Internet

the other

hey there,
configure first router (you call it a modem) with correct port for a) (strongly recommended) VPN (iE openVPN UDP 1194 default) to pass thru to pfsense's vpn server. After establishing VPN tunnel, go to your pfsense gui just as you'd do from inside your lan.

b) (rather not recommended) open port (in dlink) to reach pfsense GUI, enter (pfsense) needed firewall rule on WAN to reach login site.

All already mentioned above ;)...

kabeda

Hi,
Thanks everybody, it works now by configuring the router and pfsense with the good way. I did the same thing for nttopng. It works too, but it seems slow. I will try the next week to check.