Force WebGUI Access over WAN

  • Alright, I surrender and am asking for assistance.

    I have a brand new instance of pfSense running on a box. It's intended to be used for VPN and internal routing for our rack in the datacenter. It currently only has one NIC and a public IP. I have access to the box "physically" by KVM.

    pfSense appears to be fine, the machine can ping out (indicating that network access is hunky dory). However, when I attempt to access the webGUI it times out, as expected because it's WAN. Ok, fine I added my IPs as allowed using easyrule for both http and https, no change. So I disabled pf all together using pfctl -d. Still no change. I can see my requests being blocked in the filter log but the logging obviously stops when I disable pf.

    What am I missing here and what configuration changes do I need to make to allow access to webGUI over the public IP?

  • You need to forward the port you chose through the firewall.

  • Is there a command besides easyrule that I need to run? From my understanding that's what easyrule did was allowed it through pf for my IP

  • LAYER 8 Global Moderator

    Are you hitting your wan from a rfc1918 IP?  If so those would be blocked before any rule you added is even looked at..  If your hitting your wan IP from rfc1918 space then you have to turn off the default of blocking that.. Which would be listed very top of your wan rules.

    Post your wan rules, and we can take a look see to what might be wrong..