Don't access WAN Interface when set IP for LAN Interface
-
Hi all
I have a question. When I installed pfSense in vmware workstation with 2 card WAN(bridge) and LAN(host-only). First I set IP for WAN Interface with 192.168.1.253 and don't set IP for LAN Interface. My PC have IP 192.168.1.2 can access web configurator of pfSense over WAN Interface. Next I set IP for LAN Interface 172.16.0.1. Then My PC cann't access web configurator over WAN Interface. Can you help me to fix this issue. Thanks for all. -
What is your firewall rules on WAN?
-
If you only setup one interface, it would have put an anti-lockout rule on WAN to let you in. when you activated the LAN, it cut off that access thinking you wanted to get to it from the inside instead.
You can get around this two ways:
1. Setup a VM in the LAN and access it from there
2. From the console, go to the shell and run:pfSsh.php playback enableallowallwanAnd then get into the GUI, add a proper rule to let you back in, and remove the 'allow all' rule that the previous command just added.
-
-
JIMP already said the solution, but as i expected your wan rules isn't allowing even a thing to happen.
You could add there a rule that allows management for that pfsense.You should do this before creation of lan, if you really don't want to have management access only in lan side.
Action: pass Disabled: unchecked Interface: WAN Protocol: TCP Source: you should determine your wanted ip or any Source port: leave it as is Destination: wan ip Destination port: management port #(could be 80, 443 or what ever you have set) Log: unchecked(usually this would be good trafic to log) Description: something descritive, like firewall managementAnd click save.
-
JIMP already said the solution, but as i expected your wan rules isn't allowing even a thing to happen.
You could add there a rule that allows management for that pfsense.You should do this before creation of lan, if you really don't want to have management access only in lan side.
Action: pass Disabled: unchecked Interface: WAN Protocol: TCP Source: you should determine your wanted ip or any Source port: leave it as is Destination: wan ip Destination port: management port #(could be 80, 443 or what ever you have set) Log: unchecked(usually this would be good trafic to log) Description: something descritive, like firewall managementAnd click save.
thanks all. I got it
