Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Restrict WEBgui to LAN only

    Scheduled Pinned Locked Moved webGUI
    3 Posts 3 Posters 2.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      polarizer
      last edited by

      new RC4 install.  3 interfaces:  WAN, LAN, OPT1(wireless.)

      I would like to block the ability to log into the WEBgui from the wireless network.

      I've tried blocking port 80 to the pfsense machine's IP, but that stops all web traffic as well.

      Anybody have a better idea?

      Thanks.

      1 Reply Last reply Reply Quote 0
      • GruensFroeschliG
        GruensFroeschli
        last edited by

        I suspect your rule you created has as destination: *
        You need a rule that has as destination all IP's on which your pfSense is reachable.
        I would create an Alias which contains: "WAN-IP", "LAN-IP", "WLAN-IP" of the pfSense.
        Set the destination of your block rule to this alias.

        We do what we must, because we can.

        Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

        1 Reply Last reply Reply Quote 0
        • jahonixJ
          jahonix
          last edited by

          If you want to block certain access to the webGUI then you're thinking about security, right.
          Start with using HTTPS for pfSense administration and use a non standard port like :456.
          Block access to it from W-LAN and it won't affect regular web usage.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.