Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Firewall rule to access LAN HTTP/SSH application from the Internet

    Scheduled Pinned Locked Moved Firewalling
    3 Posts 3 Posters 791 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      cobalt2760
      last edited by

      Hi there,

      I'm installing network for an event, as shown (at least, tried) in the attached file.

      The aim of this network is to access a web http application (80) on the local server (172.16.1.42) for users connected in LAN. This network also have a WAN connexion and a static IP.

      I would eventually need, only for maintenance purpose, to access this particular server from the outside, both through HTTP (as a classic local user using the app) and through SSH to operate the codebase.

      I've dig into Firewall pfSense settings and I totally don't know how to start. The only thing I know is that if I enter the public IP address from the outside in the browser, I land on the pfSense configuration web page. I suspect I should route some specific port (like 8080) from the outside through the server (ie if 82.168.32.25:8080 -> 172.16.1.42:80). And maybe something similar for SSH ?

      As you see, I'm a little stuck, and a little help would be much appreciated here !

      Thanks a lot
      pfsense_distant.001.jpg
      pfsense_distant.001.jpg_thumb

      1 Reply Last reply Reply Quote 0
      • T
        Trel
        last edited by

        Firewall -> NAT should be what you're looking for.

        1 Reply Last reply Reply Quote 0
        • V
          viragomann
          last edited by

          If you want to access your web application by entering host name in the browser or without additional port, you have to change the web configurators port in advanced settings and uncheck "WebGUI redirect" at first to vacate port 80.

          Then go to firewall > NAT and set up a port forwarding rule to forward WAN adress port 80 to your server.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.