Blocking webGUI access from outside


  • For the life of me, i just can figure out why this is enabled. I have put explicit Firewall rules in WAN & have only 1 port forward & that too on a different port. Even then i'm able to log on to the webgui from outside the network.

    Any ideas why?









  • Banned

    It's blocked by default. Dunno what you are doing there, and from the looks at all that useless/duplicate OpenVPN/IPsec stuff there, you don't have a clue either.


  • ok genius, not all like you were born with pfsense in their mouth.

    the 1st rule in WAN clearly says ports 443 etc are blocked. then how come i can still access it?


  • @doktornotor:

    It's blocked by default. Dunno what you are doing there, and from the looks at all that useless/duplicate OpenVPN/IPsec stuff there, you don't have a clue either.

    and FYI, i set these rules AFTER i found out that i was able to access it from the web. so i do have some clue, not as pompous as yours though


  • What is 10.10.10.1?  Why do you have a NAT rule forwarding 10.10.10.1:443 to 127.0.0.1:8443?  It looks like a pfBlocker rule but I can't say for sure.  If you have WebGUI listening on a port that you're trying to forward then the result is that WebGUI gets forwarded.  Move WebGUI to a different port or stop forwarding 443.


  • @KOM:

    What is 10.10.10.1?  Why do you have a NAT rule forwarding 10.10.10.1:443 to 127.0.0.1:8443?  It looks like a pfBlocker rule but I can't say for sure.  If you have WebGUI listening on a port that you're trying to forward then the result is that WebGUI gets forwarded.  Move WebGUI to a different port or stop forwarding 443.

    Yes it a pfblocker rule. will try moving webgui to another port & see


  • @KOM:

    What is 10.10.10.1?  Why do you have a NAT rule forwarding 10.10.10.1:443 to 127.0.0.1:8443?  It looks like a pfBlocker rule but I can't say for sure.  If you have WebGUI listening on a port that you're trying to forward then the result is that WebGUI gets forwarded.  Move WebGUI to a different port or stop forwarding 443.

    thanks. tried that & that didnt work. So just reset the firewall & re-did the setup. that worked. ::) :o


  • Resetting the states might have done the same thing without reinstalling, but at least it's working.


  • @KOM:

    Resetting the states might have done the same thing without reinstalling, but at least it's working.

    yup, but definitely something i messed up with. since i'm new to this, i was learning stuff i tried things. anyway this is for a home setup, so no one yelled. ;D


  • If you are trying to access from your own LAN then nothing you put in your WAN rules will affect that.


  • @chpalmer:

    If you are trying to access from your own LAN then nothing you put in your WAN rules will affect that.

    i am not. i tried it from outside the network from work. the pfsense is at home. But its resolved anyway