4. Paradox: Enable HTTPS Captive portal login, but block access to Web ADMIN GUI

Paradox: Enable HTTPS Captive portal login, but block access to Web ADMIN GUI

  • B

    I have made a great deal of headway on this new installation of pfSense, but now have a rather frustrating paradox in front of me.

    I have captive portal operating with HTTPS authentication, but if I block access to the firewall at the HTTP and HTTPS protocols, so that noone can get to the firewall ADMIN Web page, then I also cannot use HTTPS portal login pages!

    It seems to have something to do with the resolution of the hostname when i set up the override in the DNS forwarder.

    ACK!  ???

    Thoughts on how I can use HTTPS portal Auth and still block access to the web GUI on that same interface?

    0
  • C

    They use different ports, you can control that with firewall rules. Only permit the minimum required traffic to the interface IP (TCP/UDP 53 for DNS, TCP 8001 for CP), and block everything else to the interface IP>

    0
  • B

    You know, just after I posted this I noticed the 8001 port, but went to sleep due to the hour

    I will try this immediately!  Thanks!

    0
  • B

    when I permitted the traffic as you suggested, I lost the ability to do anything but DNS lookups.

    Odd.

    0
  • C

    you have to allow Internet traffic below blocking everything to the interface IP.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2019 Rubicon Communications, LLC | Privacy Policy