Webgui access through wan
-
Hello
PFsense 2.01
I try to access webguy through wan (static address).
I've configured webguy with https port 5555.
I've added firewall rule:
pass
interface wan
tcp
source any
source port range any
destination wanaddress
destination port range 5555 to 5555But i still can't access webguy through wan.
Should I add port forwarding ?
Thank you
Jack
-
Are you trying access the fw from within the LAN to the WAN ip? The rule looks good, but if you are trying to access the WAN using a private IP or a bogon address, there are 2 default rules that block them out. You should not need to use port forward.
-
I have the same problem,
I want to access the webgui by wan. In fact wan is connected to a router where there are connect other pc's and I would to access web-gui from them..
I created the same rule, by following the tutorial in the doc pfSense, I disabled the two rules that block private networks, but I just can not access it ..
No idea?
Please HELP :-\ -
Hello
PFsense 2.01
I try to access webguy through wan (static address).
I've configured webguy with https port 5555.
I've added firewall rule:
pass
interface wan
tcp
source any
source port range any
destination wanaddress
destination port range 5555 to 5555But i still can't access webguy through wan.
Should I add port forwarding ?
Thank you
Jack
In my case, it just works by setting a NAT like this:
-
You dont need to nat.
destination port range 5555 to 5555
Rule should be from any port to 5555 in your case.
-
PFsense 2.01
I try to access webguy through wan (static address).
I've configured webguy with https port 553.
I've added firewall rule:
pass
interface wan
tcp
source any
source port range any
destination wanaddress
destination port range anydeflag block private networks, block bogon networks
Still can't access webguy through wan.
Where is the problem?? ??? -
PFsense 2.01
I try to access webguy through wan (static address).
I've configured webguy with https port 553.
I've added firewall rule:
pass
interface wan
tcp
source any
source port range any
destination wanaddress
destination port range anydeflag block private networks, block bogon networks
Still can't access webguy through wan.
Where is the problem?? ???How did you try to enter the webgui through WAN?
Simply WAN IP or a no-ip domain? -
I'd like to enter the webgui through WAN IP.
The WAN ip is 192.168.1.1 and the https port is 553.
I'll post some screens of my webgui..
They might be more clear than me :-
http://dl.dropbox.com/u/28376825/pfsense/firewall%20adv..png
http://dl.dropbox.com/u/28376825/pfsense/Immagine.png
http://dl.dropbox.com/u/28376825/pfsense/nat.png
http://dl.dropbox.com/u/28376825/pfsense/screen%20firewall.png
http://dl.dropbox.com/u/28376825/pfsense/screen.png
http://dl.dropbox.com/u/28376825/pfsense/screenwan.png -
So- you have a dsl modem doing nat also… Are you sure thats port forwarding your port correctly?
-
no I have only a router that do dhcp. I haven't configure his NAT.
This is my network diagram (sorry my bad handwriting :'( )
I want to access to pfsense from PC 1or2 through WAN
Where is my mistake ???
Thank you
David -
If you do not have a nat rule created to forward 553 to another host, check if this port does not conflicts with any other service running on this machine.
One test you can do is remove gateway from wan and use default routing table.
-
are you seeing it blocked in the firewall logs?
The only thing you need is the firewall rule you described in your first post, and to disable block private networks on that interface. But if you have a 1:1 NAT on your WAN IP or port forward configured that overlaps with that, it will override the ability to access the firewall directly.
-
I changed the port number and now it works!!! ;D ;D ;D
Thank you very very much guys !!! :D -
Hi guys,I know that I'm off-topic but I have an other question, now from wifi I can ping to PC1 and 2.
How I have to do to block it?
Thanks -
On lan firewall tab, create a rule That deny access to pc1 and pc2 ip.
-
Thank you, I am a noob XD :)
But.. If I don't whant that pc on LAN interface can ping any other pc behind wan interface? -
But.. If I don't whant that pc on LAN interface can ping any other pc behind wan interface?
From lan to lan(on same network segment) machines can communicate without passing through firewall.
Take a look on pfsense book and doc.pfsense.org it will help you on first steps.
