Access to webGUI remote
-
Hello
I have my pfSense v2.4 server with dynDNS client providing public IP for my registered host as guard.dyndns.tv
To the host inside pfSense it denominates guard and the domain in this local case like mipagina.com, being guard.mipagina.comIn my hosting provider of my web page (existing in another server), whose domain is www.mipagina.com,
Make the following 2 records in your DNS zone:Name: guard.mipagina.com, type A, content 186.56.45.21 (IP of guard.dyndns.tv at that time, for purposes of proof, of course it will change at some point)
Name: guard.mipagina.com, CNAME type, content guard.dyndns.tvI have created a WAN rule that allows access from a Web Address to another Web Address (guard.dyndns.tv) on port 80.
I've also tried adding the host overrides guard.mipagina.com to local pfsense IP.
Posed thus, I can not remotely access the webGUI (HTTP) with the URL http://guard.mipagina.com
The result of nslookup to guard.mipagina.com is as follows:
Server: 200-21-32-21.telefonica.com.ar (my Internet provider)
Address: 200.21.32.21Non-authoritative answer
Name: guard.dyndns.tv
Address: 186.56.45.21
Aliases: guard.mipagina.comThe result of the ping to guard.mipagina.com (from the outside of local network)
Reply from 186.56.45.21 (sent 4, received 4)
What am I doing wrong?
Greetings and thanks in advance
-
On my system I have it set up to redirect http connections to https.
Is yours doing that? Do you have port 443 open?David
-
Hi
I've squid on port 3128, mode explicity (no transparent).
webGUI on port 80. -
Posed thus, I can not remotely access the webGUI (HTTP) with the URL http://guard.mipagina.com
A default pfSense, with one firewall rule on the WAN interface (redirecting anythhting, port 80 to the firewall ( == pfSense) itself,
or
A default pfSense, with one firewall rule on the WAN interface (redirecting anything, port 443 to the firewall ( == pfSense) itself
and the GUI works from the entire planet.Of course, if there is another router in front of pfSense, more rules are needed concerning these other routers.
But, such a situation actually never exists.
The real solution is : Use (the build in) VPN.
Btw :
I have created a WAN rule that allows access from a Web Address to another Web Address (guard.dyndns.tv) on port 80.
Can you detail that one ??
(do what others do : post a screen copy of your WAN rules).
The "rule that allows access from a Web Address to another Web Address" seems scarry to me.Always : make everything work FIRST, starting from a 'default' system.
(and then blow your install out of the water with package like squid or whatever … This way you know what to do to make it work again ;) )
