Why PFSense is accessible using WAN IP in default configuration?

  • i'm using PFSense in my network as my router, and my WAN connection is static ip and Class C IP for my LAN side, and i'm shocked when i found out that i can access the router outside the network by just entering the WAN IP, even though there is no portforwarding configured or any configuration that allows WAN to access the router, it just a default configuration in WebGui. anyone have idea about this?

    thanks in advance.

  • I believe you must be entering your WAN address on a client on your LAN interface. Since your LAN comes with an "Allow All" rule by default this would be expected.

  • probably no sir, because we have 3 service provider separated network, 1 fiber ISP used for PFSense with Static public IP, and 2 DSL line which we used for wifi connection, even i check in portchecker.co port 80 is open for my WAN ip, no NAT reflection is enable, i'm stock with this sir.

    i'm sure also this is nothing to do with Zabbix Agent configured in my router. portforwarding is fined.

  • Show a snapshot of your WAN rules. If you have multi WAN then all of them.

    pfsense as default does not in any way shape or form allow any kind of unsolicited traffic inbound through the WAN.

    If you have changed settings you might have allowed this.

  • Thank you so much sir, i just remove an any any rule configured in the WAN interface, its all now good,, i forgot to check the rules, i only focus on Advance Admin access, and NAT configuration.. Thank you for your time sir.

  • Glad you found it.. :)

Log in to reply