• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

How to access WebGUI from LAN2 (OPT2)

Scheduled Pinned Locked Moved General pfSense Questions
2 Posts 2 Posters 3.2k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • V
    vonskippy
    last edited by Oct 9, 2008, 12:22 AM Oct 9, 2008, 12:20 AM

    I've setup a 6-zone PFSENSE firewall for the local library (see text diagram below).

    The WebGUI is setup as HTTPS on TCP8445.

    LAN (the public network) can access the WebGUI at https://192.168.1.254:8445

    LAN2 (the staff network) can NOT access the WebGUI at https://192.168.10.254:8445

    What rules do I need to add so that:  LAN can NOT access the WebGUI and LAN2 CAN access the WebGUI?

    Currently general Internet access and local Web/Email are working for both LAN & LAN2.  I have the following rules setup:

    LAN (Rules)
    TCP  LAN net  *  192.168.3.20  80 (HTTP)  *
    *    LAN net    *    *                *            xxx.xxx.115.30

    LAN2 (Rules)
    *  LAN2 net  *  DMZ net  *  *
    *  LAN2 net  *  *              *      xxx.xxx.105.161

    I also have remote admin access setup for my IP (in case that matters):

    WAN2 (Rules)
    TCP  xxx.xxx.47.177  *  Interface IP address  8445  *

    And that works as expected.

    6-Zone PFSENSE (v1.2 02/24/2008)

    [WAN] xxx.xxx.115.29/29  -  [WAN2/OPT1] xxx.xxx.105.162/27
    [WIFI/OPT4] 10.1.1.254/24 (GW-WAN)  -  [DMZ/OPT3] 192.168.3.1/24 (GW-WAN2)
    [LAN] 192.168.1.254/24 (GW-WAN)  -  [LAN2/OPT2] 192.168.10.254/24 (GW-WAN2)

    1 Reply Last reply Reply Quote 0
    • C
      Cry Havok
      last edited by Oct 9, 2008, 6:09 AM

      You could just swap the use of the interfaces, however:

      1. Create a rule for LAN2 allowing access to the Interface IP on port 8445/TCP form the LAN2 subnet
      2. Under the Advanced Options select "Disable webGUI anti-lockout rule" and save
      1 Reply Last reply Reply Quote 0
      1 out of 2
      • First post
        1/2
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
        This community forum collects and processes your personal information.
        consent.not_received