• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Connecting pfSense Web Interface GUI from different home LAN

Scheduled Pinned Locked Moved General pfSense Questions
4 Posts 3 Posters 121 Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • J
    johnytb
    last edited by johnytb 30 days ago 30 days ago

    Hello folks .
    My home network is separate with two LAN's .The first (native) LAN are belong to the house owners in the first floor of the house laying under the ISP router. The second LAN is mine and is located at the second floor and it segmented and separated by the pfSense .

    The first (native) LAN is 10.100.102.0/24
    The second (pfsense) LAN is 192.168.1.0/24
    pfSense WAN is 10.100.102.111

    I need to be able to connect to the pfSense Web GUI from one of the hosts in the first LAN .
    How do i do that ? is it port forwarding ? is it by VPN ? its all inside my house so vpn connection sounds a bit excessive, doesn't it?

    im sure its pretty simple sorry im just new to networking and firewalling hahahaha

    J S 2 Replies Last reply 30 days ago Reply Quote 0
    • J
      johnpoz LAYER 8 Global Moderator @johnytb
      last edited by johnpoz 30 days ago 30 days ago

      @johnytb would just a firewall rule.. if you allow 192.168.1.0 to either pfsense IP on 192.168.1.x or your lan IP or if you have a any any rule than yeah you would be able to connect.

      Problem could come from if you do policy routing.. But unless you are blocking traffic your 2nd lan should be able to talk to really any IP on pfsense.

      What rules do you have on this 2nd lan? Do you have any floating rules, do you do any policy routing?

      first native lan normally has a any any rule by default so you should be able to access no problem, and there is even a anti lockout rule to allow access to pfsense webgui.. You don't have 2 pfsense boxes do you?

      Oh - you want to connect to pfsense wan IP from your isp lan, which is pfsense wan - just create a rule on pfsense wan to allow access to the port your gui is on.

      An intelligent man is sometimes forced to be drunk to spend time with his fools
      If you get confused: Listen to the Music Play
      Please don't Chat/PM me for help, unless mod related
      SG-4860 24.11 | Lab VMs 2.8, 24.11

      1 Reply Last reply Reply Quote 0
      • S
        stephenw10 Netgate Administrator @johnytb
        last edited by 30 days ago

        @johnytb said in Connecting pfSense Web Interface GUI from different home LAN:

        The first (native) LAN is 10.100.102.0/24
        The second (pfsense) LAN is 192.168.1.0/24
        pfSense WAN is 10.100.102.111

        That implies the WAN is in the LAN subnet. Do you mean pfSese just has two interfaces and the "WAN" in this case it just connected to a private subnet from an existing router?

        But, yes, you just need a firewall rule to allow access. And makes sure 'block private networks' is not set on the WAN interface config.

        J 1 Reply Last reply 30 days ago Reply Quote 0
        • J
          johnpoz LAYER 8 Global Moderator @stephenw10
          last edited by 30 days ago

          @stephenw10

          internet -- isp device - 10.100.102.0/24 -- .111 pfsense --- 192.168.1.0/24

          That's what I think he means to say.

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.11 | Lab VMs 2.8, 24.11

          1 Reply Last reply Reply Quote 1
          1 out of 4
          • First post
            1/4
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
            This community forum collects and processes your personal information.
            consent.not_received