Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Acces WebGUI from Wan issue.

    Scheduled Pinned Locked Moved Firewalling
    12 Posts 3 Posters 1.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      Ptibiskwi
      last edited by Ptibiskwi

      Hi,

      Im new to PfSense so i installed one to try it out.
      But im having issues, i would lik to be able to acces the WebGui through WAN.

      My home network is in 192.160.0.0/24, gateway is 01, Wan IP of the Pfsense is .75.
      The pfsense is running on as server with multiple Virtual switches to the lan site of the pfsense is 10.0.0.0/24 and il accessing it from a vm located in the 10.0.0.0/24 network.

      So lan IP 10.0.0.72
      Wan IP 192.168.0.75

      Here you can fin a printscreen from my rules.
      https://imgur.com/a/Y7Derve
      https://imgur.com/a/AxT6bMU

      Im don't get why im not able to acces the webgui from WAN (192.168.0.0/24 range)

      Thanks,

      1 Reply Last reply Reply Quote 0
      • johnpozJ
        johnpoz LAYER 8 Global Moderator
        last edited by johnpoz

        If you turned off block rfc1918 and are access it from your internal network wan side should have no problem if you allow the correct port. Looks like you have states there that are established..

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

        1 Reply Last reply Reply Quote 0
        • P
          Ptibiskwi
          last edited by

          Block RFC1819 is turned off.
          But as you can see on the printscreens the rule seems to work it says ESTABLISHED.

          i really don't get it.

          1 Reply Last reply Reply Quote 0
          • johnpozJ
            johnpoz LAYER 8 Global Moderator
            last edited by

            Sniff on your wan side when making the the connection.

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 24.11 | Lab VMs 2.8, 24.11

            1 Reply Last reply Reply Quote 0
            • P
              Ptibiskwi
              last edited by Ptibiskwi

              This is what i get, does this means something to you?

              https://imgur.com/a/wQz1xp5

              .10 my pc .75 wan ip of the pfsense.

              1 Reply Last reply Reply Quote 0
              • johnpozJ
                johnpoz LAYER 8 Global Moderator
                last edited by johnpoz

                Yeah nothing answered... Where did you sniff that at? On pfsense Wan?

                You should get syn,ack back when you send a syn.

                An intelligent man is sometimes forced to be drunk to spend time with his fools
                If you get confused: Listen to the Music Play
                Please don't Chat/PM me for help, unless mod related
                SG-4860 24.11 | Lab VMs 2.8, 24.11

                1 Reply Last reply Reply Quote 0
                • P
                  Ptibiskwi
                  last edited by

                  Yes i ran Wireshark on my pc 192.168.0.10 is that the good way to do so?

                  1 Reply Last reply Reply Quote 0
                  • johnpozJ
                    johnpoz LAYER 8 Global Moderator
                    last edited by

                    Doesn't show you if pfsense actually saw the traffic.. I would sniff on pfsense wan at same time.. Does pfsense send syn,ack but your clients just not seeing it.

                    You say this is all VM network right - that would be my guess where your problem is!!!

                    An intelligent man is sometimes forced to be drunk to spend time with his fools
                    If you get confused: Listen to the Music Play
                    Please don't Chat/PM me for help, unless mod related
                    SG-4860 24.11 | Lab VMs 2.8, 24.11

                    1 Reply Last reply Reply Quote 0
                    • P
                      Ptibiskwi
                      last edited by

                      I just did it on the PfSense side and it sees the request and sends an ack.

                      0_1539520220789_cedffc49-78a5-463c-bc01-8e36b2ac88c4-image.png

                      johnpozJ 1 Reply Last reply Reply Quote 0
                      • RicoR
                        Rico LAYER 8 Rebel Alliance
                        last edited by Rico

                        Have you tried to clear Browser cache and/or Incognito Window?
                        When you open SSH on WAN side, is the connection working?

                        -Rico

                        1 Reply Last reply Reply Quote 0
                        • P
                          Ptibiskwi
                          last edited by

                          Yes i did have tried from other pc's also but same result.

                          I just launched an SSH from 192.168.0.10 to .75 (PfSense Wan) and captured from PfSense.

                          0_1539521540759_dba84511-4745-4625-8300-8aa611431492-image.png

                          1 Reply Last reply Reply Quote 0
                          • johnpozJ
                            johnpoz LAYER 8 Global Moderator @Ptibiskwi
                            last edited by johnpoz

                            @ptibiskwi said in Acces WebGUI from Wan issue.:

                            I just did it on the PfSense side and it sees the request and sends an ack.

                            No it didn't - it answered an arp request, from your pic it is not sending back anything.. All I see it traffic to 443, no response from 443.

                            Same with your ssh - no response, just an answer to the arp request.

                            Did you edit your wan rules to allow ssh? What is in your floating rules if anything?

                            edit: Do you have any sort of port forwards that might be forwarding those ports or floating rules that would block them? You sure your rules loaded? Once you allowed the port?

                            An intelligent man is sometimes forced to be drunk to spend time with his fools
                            If you get confused: Listen to the Music Play
                            Please don't Chat/PM me for help, unless mod related
                            SG-4860 24.11 | Lab VMs 2.8, 24.11

                            1 Reply Last reply Reply Quote 0
                            • First post
                              Last post
                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.