pfsense answering on wan instead of openvpn
-
Hello,
noticed that my openVPN tcp interface was down on the status page. Eh? What?
Long story short, if I go to my IPv4 address via an external network, pfsense itself is answering instead of openVPN.
I'm really confused by this because I don't appear to have any WAN rules that would allow this.
Any help / pointers in the right direction? How is this even possible???
Thanks in advance! (Happy to grab any logs, just don't know what would be helpful here.)
-
@thekorn
If your webGUI is listening on port 443 consider to state another port.
System > Advanced > Administration -
@viragomann Well really I'd like to stop the webgui from answering on the WAN entirely -- especially since I can't see how it's possible with this rule set to begin with!
-
Go to /system_advanced_admin.php
Change the port number of your GUI there to something other than 443.
-
@chpalmer That's not really solving the problem. I do not want the gui to answer on the wan on any port, and can't figure out why it is!
-
@thekorn
So just don't allow it.pfSense doesn't allow any access on WAN by default. If your webGUI is accessible you might have added a pass rule permitting it.
-
@viragomann i showed all the wan rules in the first post. There are no pass rules, which is why I'm very concerned!
-
@thekorn said in pfsense answering on wan instead of openvpn:
There are no pass rules, which is why I'm very concerned!
I can see at least 5 pass rules allowing access to the WAN address.
Well, but I don't know, on which port your webGUI is listening.
I guess, it's on 443, however, which is default, and you've opened it. -
That one right there allows it no matter what you call it in the description.
You have to go to the page we directed you to and change the GUI port or simply change the VPN port which would be probably easier unless your trying to avoid someone else's filters which I guess you are trying to do. In that case use another port for your GUI and remember what that is.
-
@chpalmer That got me fixed up, thanks.
