WebGUI Remote Access



  • I have two WAN connections on my pfsense box. Modem1 (WAN) is directly connected to an Ethernet port on my pfsense box. Modem2 (WAN2) is first connected to a router and then the router is connected to an Ethernet port on my pfsense box (I enabled DMZ on the router for the static IP address of WAN2 on the pfsense box). Now I want to remote access the pfsense webgui over the Internet, I know it isn't recommended due to security reasons but I just want to try it first and just implement security later.

    I make a Rule on the WAN tab: proto - TCP, source - any, port - any, destination - WAN address, port - webGUI port, gateway - default. After applying that rule, I try to access the webgui remotely with http://wan1ip:webGUI port and everything seems to be working fine, I can access it.

    Now my problem is remote accessing pfsense through WAN2. I make a Rule on the WAN2 tab: proto - TCP, source - any, port - any, destination - WAN2 address, port - webGUI port, gateway - router IP. Take note that WAN2 address is DMZ'd by the router so as to avoid double NAT'ing (double router security) since pfsense is a firewall itself. I then make a port forwarding rule in my router webGUI: proto - TCP, source port - 21000, destination port - 21000, IP address: WAN2 address. After applying those two rules, I try to access the webgui remotely with http://wan2ip:webGUI port and it CANNOT connect to the webGUI. My rules makes sense to me but I really can't make it work with WAN2. What am I doing wrong here?

    Please help. Thanks.



  • Bump! Please help.



  • Did you disable any kind of firewall on the WAN-modem?
    Can you look with TCP dump if you actually get any frames on the WAN2 interface?


Log in to reply