Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    pfsense answering on wan instead of openvpn

    Scheduled Pinned Locked Moved OpenVPN
    10 Posts 3 Posters 374 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      thekorn
      last edited by

      Hello,

      noticed that my openVPN tcp interface was down on the status page. Eh? What?

      Long story short, if I go to my IPv4 address via an external network, pfsense itself is answering instead of openVPN.

      I'm really confused by this because I don't appear to have any WAN rules that would allow this. wan_rules.png

      Any help / pointers in the right direction? How is this even possible???

      Thanks in advance! (Happy to grab any logs, just don't know what would be helpful here.)

      V 1 Reply Last reply Reply Quote 0
      • V
        viragomann @thekorn
        last edited by

        @thekorn
        If your webGUI is listening on port 443 consider to state another port.
        System > Advanced > Administration

        T 1 Reply Last reply Reply Quote 0
        • T
          thekorn @viragomann
          last edited by

          @viragomann Well really I'd like to stop the webgui from answering on the WAN entirely -- especially since I can't see how it's possible with this rule set to begin with!

          1 Reply Last reply Reply Quote 0
          • chpalmerC
            chpalmer
            last edited by

            Go to /system_advanced_admin.php

            Change the port number of your GUI there to something other than 443.

            Triggering snowflakes one by one..
            Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.

            T 1 Reply Last reply Reply Quote 0
            • T
              thekorn @chpalmer
              last edited by

              @chpalmer That's not really solving the problem. I do not want the gui to answer on the wan on any port, and can't figure out why it is!

              V chpalmerC 2 Replies Last reply Reply Quote 0
              • V
                viragomann @thekorn
                last edited by

                @thekorn
                So just don't allow it.

                pfSense doesn't allow any access on WAN by default. If your webGUI is accessible you might have added a pass rule permitting it.

                T 1 Reply Last reply Reply Quote 0
                • T
                  thekorn @viragomann
                  last edited by

                  @viragomann i showed all the wan rules in the first post. There are no pass rules, which is why I'm very concerned!

                  V 1 Reply Last reply Reply Quote 0
                  • V
                    viragomann @thekorn
                    last edited by

                    @thekorn said in pfsense answering on wan instead of openvpn:

                    There are no pass rules, which is why I'm very concerned!

                    I can see at least 5 pass rules allowing access to the WAN address.

                    Well, but I don't know, on which port your webGUI is listening.
                    I guess, it's on 443, however, which is default, and you've opened it.

                    1 Reply Last reply Reply Quote 0
                    • chpalmerC
                      chpalmer @thekorn
                      last edited by

                      @thekorn

                      1732443874159-wan_rulesv2.png

                      That one right there allows it no matter what you call it in the description.

                      You have to go to the page we directed you to and change the GUI port or simply change the VPN port which would be probably easier unless your trying to avoid someone else's filters which I guess you are trying to do. In that case use another port for your GUI and remember what that is.

                      Triggering snowflakes one by one..
                      Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.

                      T 1 Reply Last reply Reply Quote 0
                      • T
                        thekorn @chpalmer
                        last edited by

                        @chpalmer That got me fixed up, thanks.

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.