Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Web Gui Wan Access!!!

    Scheduled Pinned Locked Moved General pfSense Questions
    2 Posts 2 Posters 1.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      Kamkichi
      last edited by

      First of all, I apologize is this question have been covered.  However, I was not able to find anything about it.

      I will be setting up pfsense inside my local network.  Wan Will be a class c ip and my lan will be a class a.

      ex:

      Wan 192.168.1.10 /255
      Lan  10.10.0.1      /18

      My lan will be use for wifi only.

      I want access thru gui using Wan. 
      No Access thru Lan

      I created an Alias as suggested and a firewall rule and then lan traffic was dead.  What Would it be the right configuration to make this happen.  Thanks Guys!!!

      1 Reply Last reply Reply Quote 0
      • V
        viragomann
        last edited by

        I think, you have some trouble with network classes. A class A net has the CIDR /8, a class C /24.
        https://en.wikipedia.org/wiki/Classful_network

        192.168.1.10 /255 is no possible network.
        A class A net for wifi??? You will need thousands of APs to serve the clients.
        But this is your beer and not the topic.

        If you don't remove the default allow rule on LAN interface or add a block rule for your local network on the top the wifi clients will also be able to access your local hosts! So the firewall will have no effect!

        To access the 192.168.1.10 WAN IP at first you have to remove the check at "Block private networks" at the interface configuration tab.
        Then you have to add a rule (Firewall > rules > WAN) to allow traffic on WAN interface to WAN address and the Webconfigurators port (by default 80 and 443 > therefor you may use an alias). You may also restrict the source to allow access just from a view IPs.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.