Acces WebGUI from Wan issue.

Ptibiskwi

Hi,

Im new to PfSense so i installed one to try it out.
But im having issues, i would lik to be able to acces the WebGui through WAN.

My home network is in 192.160.0.0/24, gateway is 01, Wan IP of the Pfsense is .75.
The pfsense is running on as server with multiple Virtual switches to the lan site of the pfsense is 10.0.0.0/24 and il accessing it from a vm located in the 10.0.0.0/24 network.

So lan IP 10.0.0.72
Wan IP 192.168.0.75

Here you can fin a printscreen from my rules.
https://imgur.com/a/Y7Derve
https://imgur.com/a/AxT6bMU

Im don't get why im not able to acces the webgui from WAN (192.168.0.0/24 range)

Thanks,

johnpoz

If you turned off block rfc1918 and are access it from your internal network wan side should have no problem if you allow the correct port. Looks like you have states there that are established..

Ptibiskwi

Block RFC1819 is turned off.
But as you can see on the printscreens the rule seems to work it says ESTABLISHED.

i really don't get it.

johnpoz

Sniff on your wan side when making the the connection.

Ptibiskwi

This is what i get, does this means something to you?

https://imgur.com/a/wQz1xp5

.10 my pc .75 wan ip of the pfsense.

johnpoz

Yeah nothing answered... Where did you sniff that at? On pfsense Wan?

You should get syn,ack back when you send a syn.

Ptibiskwi

Yes i ran Wireshark on my pc 192.168.0.10 is that the good way to do so?

johnpoz

Doesn't show you if pfsense actually saw the traffic.. I would sniff on pfsense wan at same time.. Does pfsense send syn,ack but your clients just not seeing it.

You say this is all VM network right - that would be my guess where your problem is!!!

Ptibiskwi

I just did it on the PfSense side and it sees the request and sends an ack.

Rico

Have you tried to clear Browser cache and/or Incognito Window?
When you open SSH on WAN side, is the connection working?

-Rico

Ptibiskwi

Yes i did have tried from other pc's also but same result.

I just launched an SSH from 192.168.0.10 to .75 (PfSense Wan) and captured from PfSense.

johnpoz

@ptibiskwi said in Acces WebGUI from Wan issue.:

I just did it on the PfSense side and it sees the request and sends an ack.

No it didn't - it answered an arp request, from your pic it is not sending back anything.. All I see it traffic to 443, no response from 443.

Same with your ssh - no response, just an answer to the arp request.

Did you edit your wan rules to allow ssh? What is in your floating rules if anything?

edit: Do you have any sort of port forwards that might be forwarding those ports or floating rules that would block them? You sure your rules loaded? Once you allowed the port?