Webconfiguration page will not able to access if LAN is enable



  • Dear all,

    I added an interface and assign a static IP (without connected) to port 2 (Port 1 is WAN) and I found that the webconfiguration page cannot be access. After removing the port 2, the webconfiguration page can be access after a reboot, is it a bug?

    Regards,
    Frank



  • On a single-interface system, the interface is WAN and pfSense puts the anti-lockout rule on WAN so you can get in.
    When you add another interface, it becomes a "normal" system. The 2nd interface is LAN and the anti-lockout rule is removed from WAN and added to LAN. After doing that, you need to access the webGUI from LAN.
    If you still need access from WAN, then first add a rule on WAN to give access to what you want (e.g. destination WANaddress port 22/80/443). Then add the LAN interface.



  • Dear phil.davis,

    Ok, I understand what you said. So, if I need to grant access from WAN, I need to add a firewall rule to replace the anti-lockout rule?

    Regards



  • Yes, add a firewall rule on WAN that allows access to destination WANaddress and the ports you want to use (SSH, HTTP, HTTPS maybe).
    Then when the automatic anti-lockout rule moves over to LAN, you still have your rule on WAN that lets you in from WAN.



  • Thanks very much, we will try it.