Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Web GUI not accessible on external networks via bridge interface

    Scheduled Pinned Locked Moved webGUI
    2 Posts 1 Posters 495 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      DerShorty
      last edited by

      Hey Guys,
      Since yesterday after work, I decided to spend my weekend, with my new pfSense Hardware for home use. It is some custom Hardware from AliExpress with 5 dedicated 1gbps interfaces (J1800, 4GBDDR3, 64GB SSD).
      My Problem is that I don't get a connection to the web gui on external networks, but on internal network.

      First of all, I want to say that I'm not a network-technician; But a technician and an expired Enduser, hehe.
      Im doing this as a Hobby. Im fascinating of networks and how they work (together).
      Before I was using pfSense I had tried Sophos UTM and XG, for kind of 6 month on each solution.
      Sometime ago I was watching YouTube videos and became aware of pfSense. - ..And now I have a Live System and don't want to switch back. :-)
      The best thing of pfSense over Sophos is, that it is don't need so much resources from the hardware as Sophos does. For example Sophos UTM was running approximately with 80% of RAM, and pfSense uses only 10%. - this is really noticeable if you take a closer look at the devices overall temperature.

      Enough offtopic, going ontopic now:
      My setup reads as follows:
      The Connection comes over landline and Router1 is Modem only. Just to establish the initial connection. It is also used to make an HA-Independent DECT-Network for our household mobiles. pfSense will be configured as Exposed-Host or DMZ within Router1.
      Router1 is 192.168.x.1 on /24 Subnet. Behind, pfSense has static IP 192.168.x.2 on 24 Subnet as well, I will call it WAN. pfSense made the DefaultGW to Router1's 192.168.x.1, and because of pfSense has configured this on its own, I didn't touched it.
      Outgoing NAT is set up on automatic with IPSec. Incoming NAT is empty/nothing.
      ...
      The LAN network is on interfaces 2, 3 and 4. All LAN interfaces are set up with none IP Address but with bridge interface, which I set up on IP 192.168.y.1/24.
      The one (and only) DHCP-Service is also set up on bridge interface.
      ...
      Network is running fine. All clients have internet access and also the configured bridge works as desired, so devices on different interfaces (2 to 4) are still receiving an IP by DHCP and have internet access as well.

      Here I am now.
      What makes me confused is, that is was working on external networks too a couple of hours ago. Then there was no bridge interface, but each lan interface has its own set up.

      Then it came to mind that I have also have to make a translation between wan/lan interfaces <> bridge interface and/or 1:1 forwarding.
      But it still won't work. I'm not even sure if this thinking is correct or not.
      At least the Log is accepting my rulings:
      Public IP > 192.168.x.2:4443
      192.168.x.2:4443 > 192.168.y.1:4443
      (pfSense edited to listen on https 4443, successfully generated and applied let's encrypt certificate with acme challenge)

      I'm dead now. :-D I have learned a lot of new things, but now I have to to ask for a little help.

      I want to thank in advance for spending your time and support. :-)

      Regards,

      1 Reply Last reply Reply Quote 0
      • D
        DerShorty
        last edited by

        ~ Solved yesterday.

        Due to tiredness some FW and NAT Rules were not configured correct.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.