Netgate sg5100 open ports on external facing wan ip
-
Default settings applied found ports 80 443 8080 open after nmap scan from separate isolated network. Any ideas
?
-
Let's see a screenshot of your WAN firewall rules tab.
Also, what does "separate isolated network" mean?
Jeff
-
-
So, those look correct. Were you actually scanning the WAN IP of your pfsense box, to come to the conclusion that your ports 80, 443, and 8080 are open?
Do you have an internet ISP modem in place before your pfsense machine?
Jeff
-
@akuma1x yes
-
@PonderingBliss said in Netgate sg5100 open ports on external facing wan ip:
@akuma1x yes
Literally ISP modem ethernet cord connected to IGB zero. Then, IGB1 Ethernet cable Connected to an unmanaged switch. Wi-Fi is connected to switch and some Ethernet over power devices. Cringing over over divulging landscape but just want to get to the root of the situation without getting rooted myself.
-
Ok, so what happens if you load up a browser page, from your isolated network, and put in (your wan IP address):80 or :443 or :8080? Does anything load?
-
@akuma1x
Nothing is loading when I try to go to the browser with the ip (ip:port) and those ports. So bizarre. Even tried netcat and telnet for good measure and nothing. I scanned again and port 21 even popped up. Scanned again later and same ports open then 21 disappears. I don’t know what to make of this.... Tried to ssh in with root/admin user names and nothing. This is all happening still even after a factory reset. Frustrating.Thank you for your time trying to help me figure this out. Any other ideas on why this is happening?
️
-
You are most likely not actually hitting pfSense, but something else. Could be anything in between the scanning client and pfSense (the hotspot device, the ISP on either end, modem, etc)
Run a packet capture on the pfSense WAN while you run the scan, see if the scan even shows up.
-
It also must be said, if you've created no floating rules, if you've created no VPN servers, and you still have ONLY the two default WAN rules - block private networks and bogon networks, nothing is getting in to your pfsense system.
Jeff
