Rules for webgui doesnt seem to work across interfaces!

  • Hello
    I use these settings for all of my network interfaces without LAN:

    Lan (got default setting from pfense install)
    Guest1: (settings from the link)
    Guest2: (settings from the link)

    Why can I still access the webgui in one interface to another after I have used these settings?

    Example im in the Guest1 interface, the rules are working and I cannot get to the webui with this adress: or ok its working! But when im trying to access i get full access what to do?

    The same thing happens when im in Guest2 interface. I cannot access webgui with or but i can still access the webgui with


  • Netgate Administrator

    Because you haven't blocked it!  ;)

    Rather than adding lots of rules this is a good situation to use an alias.
    Create a new alias, I called it LOCAL, add all your local subnets to it.
    Then change your 'Block Web GUI' rule to:

    Protocol: TCP
    Source: Guests net
    Destination: LOCAL
    Port: 443

    There are many ways of accomplishing this, as long as it's logically correct use whatever is most readable for yourself. Fewer rules take less cpu cycles to process.


  • ah Ok:p

    I took a picture you posted in an older post and past it here:P

    Why did you choose
    If my lan: is

    Will i then use as alias or will i use or will I use all four: and and

    And why have you used netmask 16? (


  • Netgate Administrator


    Why did you choose

    Because I'm lazy.  :P is a subnet including all of 192.168..
    So it includes all of my local interface subnets. It also includes a load of address space I'm not using which is bad. A better way is to enter each subnet individually so that only your used space is in the alias but this is quicker and I'm lazy.  ;)


  • hehe

    Im sorry for my late answer I havent have time before know!

    Thanks !!

    Then I learned something new!

Log in to reply