Netgate Discussion Forum

    HTTPS on optional interface

    6 Posts 2 Posters 3.2k Views
      RangerJoe

      Our phone switch sits on a different subnet (192.168.2.2) from our LAN subnet (x.x.1.1).  Both interfaces run their own DHCP, but in order to connect to the PBX (or extensions) it has to go through port 443.  Basically

      https://192.168.2.2/main for extensions
      https://192.168.2.2/admin for PBX

      I can ping the 2.x subnet, including the IP to the PBX, however it won't let me connect to it through the web interface unless I plug my computer into the 2.x subnet and get my own IP.

      What rule do I need to set up to allow this to happen?  I feel like I have tried any of the options.  Here is a copy of the rules from my config file.  I think I may have it backwards.

      <rule>
          <type>pass</type>
          <interface>opt1</interface>
          <max-src-nodes/>
          <max-src-states/>
          <statetimeout/>
          <statetype>keep state</statetype>
          <protocol>tcp/udp</protocol>
          <source>
              <address>192.168.2.2</address>
              <port>443</port>
          </source>
          <destination>
              <network>lan</network>
          </destination>
          <descr>Phone to LAN</descr>
      </rule>
      

      Thanks

        danswartz

        Are you running squid in transparent mode?

          RangerJoe

          I do not know what that is….

            danswartz

            A web proxy that runs on pfSense if you want.  If you don't know what it is, unlikely it is running.  Can you post screenshots of your interface definitions and rules?  The XML posting is not real useful :(

              RangerJoe

              Rules for phone interface

              Should the rules be on the subnet I am trying to access, or to the subnet I am accessing from?

              [Attached image: interface.jpg]

                RangerJoe

                Nm, it was an access control issue with the PBX.  My LAN subnet was not listed in access controls.

                Thx anyway

                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.