https en http toegang dns

pfsense2017

hello, i have a qwestion i tryed evertything to know how this works i cant get it working https and http and dns traffic only alow in the pfsense. can any one help me. everything is now open and want it to close. normaly i know how this works but i have a lot headache and i forgot. i have search google but i cant get it working.

KOM

WAN blocks everything by default. LAN allows everything by default. If you want to only allow http/s and dns traffic then you need to put rules on your LAN interface above the Default Allow LAN to Any rule that only allow the following:

tcp 80
tcp 443
tcp 53
udp 53

You can either make an alias for this and then reference it from one rule, or add 4 unique rules - one for each allowed action. Lastly, delete the Default allow LAN to any rule.

What's a toegang?

pfsense2017

i have this settings...

Interface Bron Bronpoort Doel Doelpoort NAT Adres NAT Poort Statische Poort Omschrijving Acties
WAN any tcp/udp/* * tcp/udp/ 53 (DNS) WAN address *
WAN any tcp/* * tcp/ 80 (HTTP) WAN address *
WAN any tcp/* * tcp/ 443 (HTTPS) WAN address *

it wont work is this right or not?

pfsense2017

@pfsense2017 said in https en http toegang dns:

WAN any tcp/udp/* * tcp/udp/ 53 (DNS) WAN address *
WAN any tcp/* * tcp/ 80 (HTTP) WAN address *
WAN any tcp/* * tcp/ 443 (HTTPS) WAN address *

i dont understanding it. why this settings not working. normaly it works. i dont understanding it. can any one post the right settings.?

KOM

Show me a screenshot of your LAN rules. You appear to be talking about WAN rules and they don't apply to your case. You put rules on the interface that the traffic enters. If you want to affect your LAN clients, you need to put the rules on LAN. Also, when you make a rule change, you need to clear the active states (Diagnostics - States) of any client that the new rule would apply to. Existing active states are not affected by rule changes.

https://doc.pfsense.org/index.php/Firewall_Rule_Basics

https://doc.pfsense.org/index.php/Firewall_Rule_Troubleshooting

pfsense2017

i got it i remember how it works. thanks for the support so far.

thanks i got it working.

pfsense2017

its not good so far youtube is working some https sites are working and other not. http is working https not.

KOM

Post a screen of your LAN rules so we can see what you did.

pfsense2017

Mappings
Interface Bron Bronpoort Doel Doelpoort NAT Adres NAT Poort Statische Poort Omschrijving Acties
WAN any udp/ 53 (DNS) * udp/ 53 (DNS) WAN address *
WAN any 443 (HTTPS) * 443 (HTTPS) WAN address *
WAN any tcp/ 80 (HTTP) * tcp/ 80 (HTTP) WAN address *

u have the settings as it standards now whit this settings is it not working i dont understanding why....

pfsense2017

@pfsense2017 said in https en http toegang dns:

u have the settings as it standards now whit this settings is it not working i dont understanding why....

and have another qwestion if i enable snort is and whit oin code and run it i have no internet.

pfsense2017

alleen http doet het verder niks.

Gertjan

@pfsense2017 said in https en http toegang dns:

@pfsense2017 said in https en http toegang dns:

u have the settings as it standards now whit this settings is it not working i dont understanding why....

and have another qwestion if i enable snort is and whit oin code and run it i have no internet.

Another issue means another thread - in the correct forum, a Dutch exists.

@pfsense2017 said in https en http toegang dns:

alleen http doet het verder niks.

No one here will understand that.
(Only https works, nothing else).

pfsense2017

@pfsense2017 said in https en http toegang dns:

Interface Bron Bronpoort Doel Doelpoort NAT Adres NAT Poort Statische Poort Omschrijving Acties
WAN any udp/ 53 (DNS) * udp/ 53 (DNS) WAN address *
WAN any 443 (HTTPS) * 443 (HTTPS) WAN address *
WAN any tcp/ 80 (HTTP) * tcp/ 80 (HTTP) WAN address *

how must i the settings go to working.?

pfsense2017

not working.png

is this right.?

pfsense2017

please can any one help me? i realy dont understanding it.

pfsense2017

snort is also not working if i starting it. i have no internet no connections possible i dont realy understanding it.

pfsense2017

@pfsense2017 said in https en http toegang dns:

snort is also not working if i starting it. i have no internet no connections possible i dont realy understanding it.

ik ben er klaar mee ik snap het niet. ik denk dat ik de server maar uitschakel en gewoon op de modem verderga

pfsense2017

this is also not working.png

wich is the right settings? can any one post the right settings.?

pfsense2017

i go to sleep i have a headache i normaly i undersnading it but not now. anymore. my left hand trills. tomorrow i go to have to verder

pfsense2017

@pfsense2017 said in https en http toegang dns:

wich is the right settings? can any one post the right settings.?

before snort was working. after update is can only in the webinteface connection be come. i have disabled snort than i have intenet. as i enable it i have no internet anymore. and the nat firewall settigns are not working.