Netgate Discussion Forum

    How to access WebGUI from LAN2 (OPT2)

      vonskippy

      I've set up a 6-zone PFSENSE firewall for the local library (see text diagram below).

      The WebGUI is set up as HTTPS on TCP 8445.

      LAN (the public network) can access the WebGUI at https://192.168.1.254:8445

      LAN2 (the staff network) can NOT access the WebGUI at https://192.168.10.254:8445

      What rules do I need to add so that:  LAN can NOT access the WebGUI and LAN2 CAN access the WebGUI?

      Currently, general Internet access and local Web/Email are working for both LAN & LAN2.  I have the following rules set up:

      LAN (Rules)
      TCP  LAN net  *  192.168.3.20  80 (HTTP)  *
      *    LAN net    *    *                *            xxx.xxx.115.30

      LAN2 (Rules)
      *  LAN2 net  *  DMZ net  *  *
      *  LAN2 net  *  *              *      xxx.xxx.105.161

      I also have remote admin access set up for my IP (in case that matters):

      WAN2 (Rules)
      TCP  xxx.xxx.47.177  *  Interface IP address  8445  *

      And that works as expected.

      6-Zone PFSENSE (v1.2 02/24/2008)

      [WAN] xxx.xxx.115.29/29  -  [WAN2/OPT1] xxx.xxx.105.162/27
      [WIFI/OPT4] 10.1.1.254/24 (GW-WAN)  -  [DMZ/OPT3] 192.168.3.1/24 (GW-WAN2)
      [LAN] 192.168.1.254/24 (GW-WAN)  -  [LAN2/OPT2] 192.168.10.254/24 (GW-WAN2)

        Cry Havok

        You could just swap the use of the interfaces, however:

        1. Create a rule for LAN2 allowing access to the Interface IP on port 8445/TCP from the LAN2 subnet
        2. Under the Advanced Options select "Disable webGUI anti-lockout rule" and save
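The effect of the two steps in the reply above can be checked with a small first-match model of the rule tables from the question. This is an added example, not code from either poster or from pfSense; it assumes the anti-lockout rule is an implicit pass on LAN only, and that a rule with a gateway set forwards matching traffic to that gateway instead of delivering it to the firewall itself. `IFACE`, `BEFORE`, `AFTER` and `gui_reachable` are hypothetical names.

```python
import ipaddress as ip

GUI_PORT = 8445
IFACE = {  # interface -> (firewall address, subnet), taken from the post's diagram
    "LAN":  ("192.168.1.254",  "192.168.1.0/24"),
    "LAN2": ("192.168.10.254", "192.168.10.0/24"),
    "DMZ":  ("192.168.3.1",    "192.168.3.0/24"),
}

# Rule = (proto, source, destination, dest port, gateway); "*" means any.
# Gateways are labels (GW-WAN, GW-WAN2) because the post masks the addresses.
BEFORE = {
    "LAN":  [("TCP", "LAN net", "192.168.3.20", 80, None),
             ("*", "LAN net", "*", "*", "GW-WAN")],
    "LAN2": [("*", "LAN2 net", "DMZ net", "*", None),
             ("*", "LAN2 net", "*", "*", "GW-WAN2")],
}
# Step 1 of the reply: pass LAN2 net -> LAN2 address, 8445/TCP, no gateway, on top.
AFTER = dict(BEFORE, LAN2=[("TCP", "LAN2 net", "LAN2 address", GUI_PORT, None)]
             + BEFORE["LAN2"])

def _match_addr(spec, addr):
    """Match an address against '*', '<IF> net', '<IF> address' or a literal IP."""
    if spec == "*":
        return True
    if spec.endswith(" net"):
        return ip.ip_address(addr) in ip.ip_network(IFACE[spec[:-4]][1])
    if spec.endswith(" address"):
        return addr == IFACE[spec[:-8]][0]
    return addr == spec

def gui_reachable(iface, rules, anti_lockout):
    """Can a client on `iface` reach the webGUI on that interface's address?"""
    fw_addr, net = IFACE[iface]
    client = str(next(iter(ip.ip_network(net).hosts())))  # constructed sample client
    if anti_lockout and iface == "LAN":
        return True  # assumption: implicit pass evaluated before the user rules
    for proto, src, dst, dport, gw in rules.get(iface, []):
        if (proto in ("*", "TCP") and _match_addr(src, client)
                and _match_addr(dst, fw_addr) and dport in ("*", GUI_PORT)):
            # First match wins; with a gateway the packet is sent to that
            # gateway rather than delivered to the firewall (assumption).
            return gw is None
    return False  # nothing matched: default deny

if __name__ == "__main__":
    for name, rules, lockout in (("before", BEFORE, True), ("after", AFTER, False)):
        print(name, {i: gui_reachable(i, rules, lockout) for i in ("LAN", "LAN2")})
```

Running it with `AFTER` and the anti-lockout rule still enabled shows LAN keeping access, which is why the second step is needed.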