Webgui access through wan
-
I'd like to enter the webgui through WAN IP.
The WAN ip is 192.168.1.1 and the https port is 553.
I'll post some screens of my webgui..
They might be more clear than me :-
http://dl.dropbox.com/u/28376825/pfsense/firewall%20adv..png
http://dl.dropbox.com/u/28376825/pfsense/Immagine.png
http://dl.dropbox.com/u/28376825/pfsense/nat.png
http://dl.dropbox.com/u/28376825/pfsense/screen%20firewall.png
http://dl.dropbox.com/u/28376825/pfsense/screen.png
http://dl.dropbox.com/u/28376825/pfsense/screenwan.png -
So- you have a dsl modem doing nat also… Are you sure thats port forwarding your port correctly?
-
no I have only a router that do dhcp. I haven't configure his NAT.
This is my network diagram (sorry my bad handwriting :'( )
I want to access to pfsense from PC 1or2 through WAN
Where is my mistake ???
Thank you
David -
If you do not have a nat rule created to forward 553 to another host, check if this port does not conflicts with any other service running on this machine.
One test you can do is remove gateway from wan and use default routing table.
-
are you seeing it blocked in the firewall logs?
The only thing you need is the firewall rule you described in your first post, and to disable block private networks on that interface. But if you have a 1:1 NAT on your WAN IP or port forward configured that overlaps with that, it will override the ability to access the firewall directly.
-
I changed the port number and now it works!!! ;D ;D ;D
Thank you very very much guys !!! :D -
Hi guys,I know that I'm off-topic but I have an other question, now from wifi I can ping to PC1 and 2.
How I have to do to block it?
Thanks -
On lan firewall tab, create a rule That deny access to pc1 and pc2 ip.
-
Thank you, I am a noob XD :)
But.. If I don't whant that pc on LAN interface can ping any other pc behind wan interface? -
But.. If I don't whant that pc on LAN interface can ping any other pc behind wan interface?
From lan to lan(on same network segment) machines can communicate without passing through firewall.
Take a look on pfsense book and doc.pfsense.org it will help you on first steps.