Pfsense Occupying Port 80

Apaar

@gertjan
I m not enabling anything or I don't want to use pfSense on my public IP, The pfSense is giving that on its own and its not letting me give port 80 to the website. I did change the https port as well as the http port, but then pfsense is not letting me access the webui to change it back. it just wont open on local ip.

viragomann

@apaar
How did you try to access it? If you set the HTTPS webConfigurator port to i.g. 444, you have to type
https://<LAN-address>:444 into your browser on a LAN device to reach the web gui.

How did you forward port 80 to your webserver? Provide more details, please.

Derelict

With the Disable webConfigurator redirect rule box checked, pfSense does not listen on port http/80. What port you use to listen on https doesn't matter here (unless it's port 80).

I m opening my public IP from the Lan computer it is opening the Pfsense router login page.

You're running into NAT reflection problems. First, test your site from the outside. If it works you know your port forward is good. Then figure out the NAT reflection issues you're seeing hitting the public IP address from the inside.

https://docs.netgate.com/pfsense/en/latest/recipes/port-forwards-from-local-networks.html

Apaar

@derelict Sir the pfsense occupying the port 80 on local lan when I m trying to access my website from the same computer connected to pfsense on lan.

Apaar

@viragomann Yes, Sir I port forwarded correctly and I checked with a tool called simple port forwarding and it is working fine, there is no issue with the port forwarding its just the 80 port conflicting with the pfsense for some reason. I m also new to this so maybe I m making some mistake but as if now everything on my pfsense is on default.

Apaar

@derelict Could it be because of Pfblocker ? I have pfblocker enabled on my router.

Gertjan

@apaar said in Pfsense Occupying Port 80:

but I m trying to access my website on port 80

Where is this web server ?

Apaar

@gertjan The website is running on my local machine.

Gertjan

So
http://127.0.0.1:80 will do just fine - that is the address of your own pc/device.

You might use the IPv4 or IPv6 of your pc/device, depending how you have set up your web server.

If the hostname of your pc/device is known to the pfSense DNS ( and you did not change any default settings of the DNS !! )

Example :
My pfSense :

My Pc is called "pc"

So I can :

C:\Users\pc>nslookup pc
Serveur :   pfsense.mylocal-lan.tld
Address:  2001:470:1ddf:5c0:2::1

Nom :    pc.mylocal-lan.tld
Addresses:  2001:470:1ddf:5c0:2::c7
          192.168.1.6

Thus I can use "http://pc.mylocal-lan.tld" which points to 192.168.1.6 : that is my pc. Surely not pfSense, who lives at 192.168.1.1

Btw : all this has little to with pfSense.

Apaar

@gertjan okay! I got understood some of it so will try and see if I can fix it. Thank you for your help.

Apaar

@gertjan Can you help me ? A bit as well ? If possible ? on discord.... Maybe have a look at it.

noisyjohn

@gertjan said in Pfsense Occupying Port 80:

edit : a web server project that uses port 80 ?

yes, if you have local sites e.g. for development (domain name is not www), you cannot create certificate and you will not have https.

noisyjohn

@apaar
How I get here? well, I have the same issue in Jan 2023 ...
One usual case is the pfsense behind another router - modem and you connect your pfsense using static IP or DCHP. Almost in the half of cases you get troubles with the firewall on router - modem (especialy if it is a cheep one). I knew that years ago and I always buy a modem that supports PPPoE passthrough I this case pfsense is using the PPPoE functionality, and there are no other firewalls...
But I do get troubles in the last two versions of pfsense (2.5 and 2.6) There are a lot of bugs... A couple of times I loose LAN connection with no reason and restarting webconfigurator from SSH console made the things worst. I added a new NIC, I make a LAN inteface assignment to the new NIC, I was able to login again ... just for making a user data backup.
So, 2 days ago I had another nice symptom: trying to login I got a wondefull page : "hello word!!" the default html after installing new web service.!!! It's seems that this is a related problem with this topic. I am trying 5 days to solve the port 80 problem and still get the same result: port is stealth for outside word. I have a couple of other ports in NAT and there is no problem, which means I do things correctly ... Today I tried something extreeme: allow all from all and all together .. Still the port is Stealth .. May it's better to spent my time setting a plain linux machine and play with NICs, routing tables and linux ip tables. It will be more interesting and educational ...

• good luck

noisyjohn

@noisyjohn
*** I found a linux machine in the outer side of the word, and I did a port scan at my public IP (using linux nmap utility). the same problem with a bare, clean linux machine....
end of story