Why is pfsense directly accessable from the internet?

fridondel12

Hi there,
I am using a pfsense in version 2.4.5.p1.

Its doing ppoe to the modem to get internet access.

Now I figured out, that when I put my external IP from my ISP into the browser, I can directly access my pfsense login page via port 443. That opens up possibilities to bruteforce into my admin account....

As described in the Netgate Documentation access from WAN is disabled by default to the admin console.

Am I doing something wrong here?
There are no rules for WAN except those blocking bogons and private address ranges.

ptt

Are you testing from "LAN side" ?

fridondel12

Yes I did...so I did get it wrong then?

ptt

Yes, you should test from "WAN side"

Firewall rules control what traffic is allowed to enter an interface on the firewall

https://docs.netgate.com/pfsense/en/latest/firewall/firewall-rule-basics.html

fridondel12

thank you anyway for answering to my nooby question.
:-)

the matter is solved then.