Paradox: Enable HTTPS Captive portal login, but block access to Web ADMIN GUI
I have made a great deal of headway on this new installation of pfSense, but now have a rather frustrating paradox in front of me.
I have captive portal operating with HTTPS authentication, but if I block access to the firewall at the HTTP and HTTPS protocols, so that noone can get to the firewall ADMIN Web page, then I also cannot use HTTPS portal login pages!
It seems to have something to do with the resolution of the hostname when i set up the override in the DNS forwarder.
Thoughts on how I can use HTTPS portal Auth and still block access to the web GUI on that same interface?
They use different ports, you can control that with firewall rules. Only permit the minimum required traffic to the interface IP (TCP/UDP 53 for DNS, TCP 8001 for CP), and block everything else to the interface IP>
You know, just after I posted this I noticed the 8001 port, but went to sleep due to the hour
I will try this immediately! Thanks!
when I permitted the traffic as you suggested, I lost the ability to do anything but DNS lookups.
you have to allow Internet traffic below blocking everything to the interface IP.