Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Why PFSense is accessible using WAN IP in default configuration?

    Scheduled Pinned Locked Moved General pfSense Questions
    6 Posts 2 Posters 511 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • W
      wedz
      last edited by

      i'm using PFSense in my network as my router, and my WAN connection is static ip and Class C IP for my LAN side, and i'm shocked when i found out that i can access the router outside the network by just entering the WAN IP, even though there is no portforwarding configured or any configuration that allows WAN to access the router, it just a default configuration in WebGui. anyone have idea about this?

      thanks in advance.

      1 Reply Last reply Reply Quote 0
      • chpalmerC
        chpalmer
        last edited by

        I believe you must be entering your WAN address on a client on your LAN interface. Since your LAN comes with an "Allow All" rule by default this would be expected.

        Triggering snowflakes one by one..
        Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.

        1 Reply Last reply Reply Quote 0
        • W
          wedz
          last edited by

          probably no sir, because we have 3 service provider separated network, 1 fiber ISP used for PFSense with Static public IP, and 2 DSL line which we used for wifi connection, even i check in portchecker.co port 80 is open for my WAN ip, no NAT reflection is enable, i'm stock with this sir.

          i'm sure also this is nothing to do with Zabbix Agent configured in my router. portforwarding is fined.

          1 Reply Last reply Reply Quote 0
          • chpalmerC
            chpalmer
            last edited by

            Show a snapshot of your WAN rules. If you have multi WAN then all of them.

            pfsense as default does not in any way shape or form allow any kind of unsolicited traffic inbound through the WAN.

            If you have changed settings you might have allowed this.

            Triggering snowflakes one by one..
            Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.

            1 Reply Last reply Reply Quote 0
            • W
              wedz
              last edited by

              Thank you so much sir, i just remove an any any rule configured in the WAN interface, its all now good,, i forgot to check the rules, i only focus on Advance Admin access, and NAT configuration.. Thank you for your time sir.

              1 Reply Last reply Reply Quote 0
              • chpalmerC
                chpalmer
                last edited by

                Glad you found it.. :)

                Triggering snowflakes one by one..
                Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.