WebGUI access from WAN
-
try setting the webgui to another port.
system –> general setup -
put the webgui on a alternate port.
Then create a firewall rule on the wan interface from any to wan address webgui port.
That should do it.
-
That fixed the problem with not being able to access the webserver. Thanks very much.
One other question. is it possible to block access to the webgui from the WAN port completely? if so, how? or do you just have to set it to a random unused port?
What's the recommendation from the experts?
-
If there is no rule to allow traffic to the webgui port on the wan interface it wil not be accesible.
Everything not expressly permitted is denied per default.
-
Gotcha. I'll make sure to set it to a port that won't be used for anything else and then ensure that there is no rule setup for it on the WAN port.
-
access from WAN
What rule should I write, and how exactly should I write it if I wish to allow access from the wan port?
-
access from WAN
What rule should I write, and how exactly should I write it if I wish to allow access from the wan port?
To allow access the pfSense Web Configurator from the WAN (or Internet):
make a new rule ->
Interface: WAN
Source ip : any (its better to restrict this if you know where you will be accessing from)
Source port: anyDest Ip: WAN Interface
Dest port : the port that the web gui works on, as set in the General Settings:)
-
@sai:
access from WAN
What rule should I write, and how exactly should I write it if I wish to allow access from the wan port?
To allow access the pfSense Web Configurator from the WAN (or Internet):
make a new rule ->
Interface: WAN
Source ip : any (its better to restrict this if you know where you will be accessing from)
Source port: anyDest Ip: WAN Interface
Dest port : the port that the web gui works on, as set in the General Settings:)
Thank you
I'll have to offsite later, too see if it worked
-
Why, pfsense developpers, don't create a little function for enable/disable WAN access with a form "EN/DISABLE button" and with, if configuration not good, a form for create SSL certificat AND select an other port (not 80/443) …
???
Or if a developper, like this concept, why not developpe a package ... ?
I think itsn't complicated to do ...
-
No thanks. This option is not useful and would only clutter the interface. Add a firewall rule to permit the traffic.
-
Why, pfsense developpers, don't create a little function for enable/disable WAN access with a form "EN/DISABLE button"
You already have this.
On the WAN rules page hit the green permit button left of the rule and it gets light green. This means it's disabled. Hit it again to re-enable.
