Web GUI Not accessible



  • Good Evening All,

    I have just installed 2.4.4-RELEASE-p3 (amd64) for the first time ever on my new to me Dell R300. She is running Dual on board NICs w/ 8gb ram and Dual 300gb SAS Drives. Not that most of that matters anyway. I am practicing to get this set up to load balance dual ISPs to my internal network. At this time I have an ip address coming in on bge0 as Dynamic from my ISP and it is assigning fine, but once I create my 2nd NIC as a STATIC IP of 10.0.1.1 /24 and an accessible pool of 10.0.1.150 - 10.0.1.252 it locks the ability of me to get to the web interface externally. I had to delete the LAN setup from my local box to be able to regain access to the WEB GUI again.

    Please help out the n00b.

    Thanks,

    Will G


  • LAYER 8 Global Moderator

    So why would you want to get to the web gui from the public side??

    Here is the thing when pfsense only has 1 interface then yes it creates antilock out rule on the wan that allows access to the web gui from the wan side.

    But once you create another interface "lan" then that rule would be removed and no you would not be able to access gui from the wan side IP unless you actually created a rule on the interface to allow access.



  • @johnpoz While trying to learn and play with this a lot of that time is while I am at my office away from home so to be able to access the GUI remotely is of great benefit to me. Additionally once it is up and running to be able to check in on it will be nice as well. Can you point me in the direction of some documentation that would shed some light on how to achieve my goal of remote access from the public side.

    Thank you,

    Will G.


  • LAYER 8 Global Moderator

    Well I wouldn't open the gui to the public internet unless you can lock it down to your source IP.. For example your home IP if your wanting to access it from home to play with.

    Better option would be to setup vpn and vpn into it.. Or do you have a box on the lan side you could get to with teamviewer or something and then access the gui from the lan side?

    If you know your home IP, you could just create a wan rule to allow access to the port your running the gui on.



  • @johnpoz Yes I do have the IP of the server saved in my phone browser and if I really needed I work for the ISP I can just look it up too. Back to the concern of how this would be set up though. Can you point me in the direction of some documentation.

    Thanks again for all the help,

    Will G


  • LAYER 8 Global Moderator

    Documentation of what, setting up a firewall rule to allow access? Look in my signature for the link to the book :)

    But sure here is directly link to remote admin
    https://docs.netgate.com/pfsense/en/latest/firewall/remote-firewall-administration.html



  • @johnpoz actually I just saved that to download and read on the planes tomorrow.

    Thanks again,

    Will G


Log in to reply