Sign in site publicly available
-
Sorry for the noob question, but how do I prevent access to the pfsense sign in page from the Internet?
I've tried two different rules, one an alias to the url and one as destination "this firewall", but both are still publicly accessible.
I just want to block https, nothing else. -
https://forum.pfsense.org/index.php?topic=140143.msg765747#msg765747
Please "show us" (screenshot) your WAN FW rules
-
I followed this post:
https://doc.pfsense.org/index.php/Restrict_access_to_management_interface
but when I enter in my domain, I'm still able to reach the pfsense log in page.So now I have 4 firewall rules, 2 on LAN & 2 on WAN.
WAN is block access to the domain name.
LAN is permit 1 internal IP & block all else to the destination of "This Firewall"Any ideas?
-
How & from where are you "testing" ?
Please "show us" (screenshot) your WAN FW rules
-
Post up your rules… You can say you did XYZ.. Doesn't mean that is what you actually did.. only that you think you did that.. Most come mistake is not understanding that rules are evaluated top down first rule wins, no other rules are evaluated..
So blocking access to anything below a any any allow rule wouldn't do a thing..
So please post up you rules on your wan and your lan.. And are you using a proxy, etc.
-
Post up your rules… You can say you did XYZ.. Doesn't mean that is what you actually did.. only that you think you did that.. Most come mistake is not understanding that rules are evaluated top down first rule wins, no other rules are evaluated..
So blocking access to anything below a any any allow rule wouldn't do a thing..
So please post up you rules on your wan and your lan.. And are you using a proxy, etc.
I agree. Recently i allowed home management access on WAN only from my office IP. If you follow Johnpoz's steps you should be fine
-
He's probably trying from his LAN, which of coarse by default would allow access..
-
Agreed why can I hit my wan IP from my lan is a question that comes up like daily ;)