Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Can't access pfSense from outside my LAN

    Firewalling
    2
    6
    12.1k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      aleph
      last edited by

      Hi guys,

      I'm having problems accessing my pfSense box from my office.
      I've added a rule to the firewall for the WAN interface with source ip = all, source port = all, dest. ip = my pfSense internal (LAN) ip and dest. port = 443. This does not work…

      My ISP is particular: my public IPs are in fact private IPs; my ISP network is a big NATted network.
      Whenever I want, I can buy a real public IP for all the time I need it.
      So today I've bought a public IP and I tried to connect via https to that IP, but it's not working.
      The same thing was working perfectly with smoothwall, so maybe there's something more I need to do with pfSense to reach it from outside?

      Thanks for help.

      1 Reply Last reply Reply Quote 0
      • H
        hoba
        last edited by

        If you have private IP's on WAN you might need  to uncheck "block provate ips" at interfaces>wan (bottom of the page)

        1 Reply Last reply Reply Quote 0
        • A
          aleph
          last edited by

          @hoba:

          If you have provate IP's on WAN you might need  to uncheck "block provate ips" at interfaces>wan (bottom of the page)

          Just did it… doesn't work.

          Any other idea?

          1 Reply Last reply Reply Quote 0
          • H
            hoba
            last edited by

            @aleph:

            I've added a rule to the firewall for the WAN interface with source ip = all, source port = all, dest. ip = my pfSense internal (LAN) ip and dest. port = 443. This does not work…

            I think I hav missed something from your original post: Are you using NAT or do you just route? In case you are using NAT your internal LAN-IP isn't available from the outside. Try changing that rule to destination IP WAN-IP of your pfsense and access it by the WAN IP.

            1 Reply Last reply Reply Quote 0
            • A
              aleph
              last edited by

              @hoba:

              I think I hav missed something from your original post: Are you using NAT or do you just route? In case you are using NAT your internal LAN-IP isn't available from the outside. Try changing that rule to destination IP WAN-IP of your pfsense and access it by the WAN IP.

              Yes, now it works. It's still a problem since I've got a dynamic IP on WAN interface, but for now it's ok.

              Anyway I'm not able yet to access my intranet web server from outside.
              I've forwarded any IP and any port to my web server IP (192.168.1.193) and port 80, but does not work.
              Any idea?

              1 Reply Last reply Reply Quote 0
              • H
                hoba
                last edited by

                If you have DHCP on WAN you can change your destination IP of that rule to any. Unless you forward the webguiport to anything else you are protected by the NAT ;-)

                Did you check the "autocreate firewall rule" at the bottom of the page when creating the portforward? This is importent as it won't pass your WAN interface to be forwarded by that NAT-rule then.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.