Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Controle pfsense from the wan side

    Scheduled Pinned Locked Moved General pfSense Questions
    10 Posts 5 Posters 2.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      arnoldg
      last edited by

      How can i configure pfsense, so i can control and monitor pfsense from home.

      so basicly i need to get acces to pfsense from the wan side.

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        You can open up firewall holes to the services you require on the WAN interface.
        Either open 443 directly (for web access) or port forward a much higher port, 44433 for example. You are less likely to get continuous malicious login attempts doing that.

        Steve

        1 Reply Last reply Reply Quote 0
        • R
          robpal
          last edited by

          I would recommend using putty ssh client and allowing ssh WITHOUT password but using a key. also add a tunnel for D8080 Then allow firewall rule for SSH in pfsense
          once you are connected via ssh tell your browser to use a socks proxy of 127.0.0.1 or local host
          U are now connected to your home connection and entering your pfsense ip will allow you to administer it as though your sat at home u can also use this to browse the net securely in a public wifi area

          1 Reply Last reply Reply Quote 0
          • stephenw10S
            stephenw10 Netgate Administrator
            last edited by

            Yes, SSH tunnelling is far more secure and if you plan do leave this open permanently I also recommend you do this.

            You can also narrow the range of IPs allowed to connect if you know you are only connecting from home.

            Steve

            1 Reply Last reply Reply Quote 0
            • B
              biggsy
              last edited by

              Alternatively, you could use OpenVPN.

              1 Reply Last reply Reply Quote 0
              • A
                arnoldg
                last edited by

                i'm a total nob about ssh tunnels and that kind off stuff.

                i't looks like the tunnel is working from the lan side, but what kind of rull do i have to make it work from the outside world.
                and where do i have to make it, on lan or wan

                1 Reply Last reply Reply Quote 0
                • stephenw10S
                  stephenw10 Netgate Administrator
                  last edited by

                  Make a rule on WAN to allow TCP port 22 with destination WAN address.

                  Steve

                  1 Reply Last reply Reply Quote 0
                  • A
                    arnoldg
                    last edited by

                    When i make this rule, put a forward in the adsl modem.
                    Can i then also surf to the pfsense server and there are som acces point in the field, can i also connect to them they are on the lan side

                    1 Reply Last reply Reply Quote 0
                    • stephenw10S
                      stephenw10 Netgate Administrator
                      last edited by

                      If you have an adsl modem in front of your pfSense WAN interface you will need to do something unless it's in bridge mode.

                      If you have setup an SSH tunnel to your pfSense box you will be able to connect to LAN side clients.

                      Steve

                      1 Reply Last reply Reply Quote 0
                      • L
                        luke240778
                        last edited by

                        arnoldg, personally i think the only real secure way to do this is using VPN.  Follow the instructions on this video and it will work nicely.  This is the video that i used way back when i set mine up, works a charm:
                        http://www.youtube.com/watch?v=odjviG-KDq8

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.