Webgui listen port problems



  • Pfsense box running with public IP on eth0 and private ip on eth1
    Pfsense is listening on https on custom port 9909

    I've got NAT rules for http and https
    Https works perfectly and the http rules is identical other than the obvious http instead of https on the destination port.

    I have public dns entry www.myurl.com > public IP address

    When you go to https://www.myurl.com everything works perfectly, however if you go to http://www.myurl.com you eventually get redirected to https://www.myurl.com:9909

    Doing a tshark on the destination of the NAT rules I don't see any http requests getting to the box, but I do see https (when using https). Now the strange bit, at this point I would assume something wrong with the http nat and related firewall rues. However if I go to http://www.myurl.com/secure (a sub directory I had a holding page on) the http requests do get to box and I can confirm this with a tshark on the destination box.

    I've ticked the box for Disable webConfigurator redirect rule which as I understand should fix this but it actually makes no difference

    Any suggestions?


  • LAYER 8 Global Moderator

    Where are you when you go to either http or https www.myurl.com - are you inside pfsense or outside on the public internet?

    IF you don't see any http getting to the box how are you getting redirected to https://www.myurl.com:9909?  Where are you doing the redirect, pfsense can not do such a redirect that I am aware of.



  • @johnpoz:

    Where are you when you go to either http or https www.myurl.com - are you inside pfsense or outside on the public internet?

    IF you don't see any http getting to the box how are you getting redirected to https://www.myurl.com:9909?  Where are you doing the redirect, pfsense can not do such a redirect that I am aware of.

    Externally and thats the problem we aren't doing that redirect anywhere.

    I thought this was the culprit

    WebGUI redirect
    Disable webConfigurator redirect rule
    When this is unchecked, access to the webConfigurator is always permitted even on port 80, regardless of the listening port configured. Check this box to disable this automatically added redirect rule.

    I understood that option was doing the redirect. I have this box ticked and it makes no difference


Log in to reply