Web GUI Access from Internet
-
Hello Members
I have configured pfSense to allow me access to pfsense from the internet as shown in the attached image. However, I'm still unable to connect over the WAN interface.
Can someone help me please help?
Cheers
Carlton
-
Bad idea…
Are you opposed to SSH or VPN?
If you are hell bent on having a very insecure set up, I wouldn't allow 443 on the wan.
Rather, I would port forward TCP port 443 from the wan to the pfsense lan IP (default is 192.168.1.1)
-
Kej,
Thanks for replying.
I just want to see it working.
After that I will remove it.
Can you help?
Cheers
-
Change destination to "Wan Address" from the list.
-
I've done this with VMs numerous times out of necessity for a few minutes to make some changes before blocking it.
Make a NAT rule under firewall > NAT
When the rule pops up, leave most of it alone.go to destination range and type in 443 in both blanks
redirect target ip - enter the pfsense lan IP (192.168.1.1 is default)
redirect target port - 443
Thats about it…
You should delete your existing rule that you posted earlier.
After you try this rule you just made you should probably delete it pretty fast also (-;
-
Kej
I followed your instructionns.
Are you now saying I should be able to access my Web GUI from any internet connection?
Cheers
-
Kej
I tried your suggestion, but I wasn't able to access my web gui with address https://192.168.1.1/
-
Yeah - I'm in Manila and I just added that (very inadvisable) rule to a personal box of mine in the states and it worked perfectly…
Then I promptly deleted the rule... -
I tried your suggestion, but I wasn't able to access my web gui with address https://192.168.1.1/
I'm not sure how you think you're going to route to a non-routable private address from the Internet…
-
hehe - OK
That IP is the one you forward too…
What you type into your browser is https://your pfsense public IP
-
;)
OK, inserted in my browser https://pfsense public ip address and I got web page is not available.
The following is my configuration
-
Is your lan interface IP 192.168.1.1?
-
Hi Kej
Yes it is.
-
And are you outside the lan on some other computer or are you trying to access this on a computer connected to pfsense?
-
Kej
I'm outside the lan on some other computer
-
Then it should work unless you have some block rules somewhere, the wrong public ip or have some other settings messed up elsewhere.
Once its working, don't forget to change your username / pass to admin/admin and post your public IP here.
-
I just had a really bad sneaking suspicion that I just have to ask…
What is the WAN of the pfsense hooked up to?
If pfsense is plugged into a MODEM (not a router) and the ISP isn't blocking 443 this should already be working.
If this is plugged into a ROUTER or a COMBO modem router and your pfsense is showing some private IP (like 192.168.x.x) on the WAN interface in the gui, this isn't going to be so simple.
-
Kej
I'm not actually on some other computer… I'm on my own computer that has internet access. However, my pfSense has been deployed on ESXi host.
pfSense has a public ip address as well as a LAN address.
I can connect via LAN but can't connect via WAN. I know the pfSense WAN interface is configured corrected with a public ip address because I can ping 8.8.8.8 and any other public ip address from pfSense interface.
Cheers
-
Does "my own computer" have a different public IP than pfsense wan?
You can always PM me your public IP and I can try it from here….
-
'My own computer', has an ip address assigned to by Virgin Media of 192.168.0.1.
So basically, what I'm trying to do is access my pfsense firewall from any computer that has an internet connection
-
If you PM me your public IP that pfsense is on, I will see if I get a GUI interface from here.
(NOTE - I don't actually think this is a good idea, but for the sake of testing, I'd do it)
-
Kej
I hope you're on the level - PM sent
-
Not working - How are you determining your public IP?
-
I configured it when I deployed it with ESXi host
see image
-
And are you sure it is working?
Can you please show the main pfsense gui?
The part where it talks about version under system information?
Does it say "you are on the latest release" or some other message?
-
Do you mean
-
Or do you mean
-
No - I mean the first thing that pops up when you go to https://192.168.1.1
left side of screen
Version. -
I have to sleep, so here is what you need to verify - pfsense can see the internet and also be seen.
-
Here you go
-
Anybody else can help while Kej gets some Zzzzzzzzzz?
-
Just so you, when I turn off firewall, see below I can connect to pfsense with http://pfsense public ip address.
Therefore, I need to create a firewall rule to allow access when the firewall is enabled….
Can you help with that?
-
You do not need to port forward to your LAN address.
Making a WAN rule to your WAN Address will work much easier.
Go back to my first post and try what I said. Delete any port forwarding you have done with your GUI port (I assume 443)
I do this with every firewall I put in until I test the VPN from my location here.
-
https://forum.pfsense.org/index.php?topic=86709.0
https://forum.pfsense.org/index.php?topic=86838.msg476382#msg476382 This one you state you made it work on port 80…
:o
-
chpalmer,
Thanks for responding.
I will implement your suggestion
Cheers