How to access WebGUI from LAN2 (OPT2)
-
I've setup a 6-zone PFSENSE firewall for the local library (see text diagram below).
The WebGUI is setup as HTTPS on TCP8445.
LAN (the public network) can access the WebGUI at https://192.168.1.254:8445
LAN2 (the staff network) can NOT access the WebGUI at https://192.168.10.254:8445
What rules do I need to add so that: LAN can NOT access the WebGUI and LAN2 CAN access the WebGUI?
Currently general Internet access and local Web/Email are working for both LAN & LAN2. I have the following rules setup:
LAN (Rules)
TCP LAN net * 192.168.3.20 80 (HTTP) *
* LAN net * * * xxx.xxx.115.30LAN2 (Rules)
* LAN2 net * DMZ net * *
* LAN2 net * * * xxx.xxx.105.161I also have remote admin access setup for my IP (in case that matters):
WAN2 (Rules)
TCP xxx.xxx.47.177 * Interface IP address 8445 *And that works as expected.
6-Zone PFSENSE (v1.2 02/24/2008)
[WAN] xxx.xxx.115.29/29 - [WAN2/OPT1] xxx.xxx.105.162/27
[WIFI/OPT4] 10.1.1.254/24 (GW-WAN) - [DMZ/OPT3] 192.168.3.1/24 (GW-WAN2)
[LAN] 192.168.1.254/24 (GW-WAN) - [LAN2/OPT2] 192.168.10.254/24 (GW-WAN2) -
You could just swap the use of the interfaces, however:
- Create a rule for LAN2 allowing access to the Interface IP on port 8445/TCP form the LAN2 subnet
- Under the Advanced Options select "Disable webGUI anti-lockout rule" and save