OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 15.7 Legacy Series »
  • [SOLVED] Allow webinterface access from WAN
« previous next »
  • Print
Pages: [1]

Author Topic: [SOLVED] Allow webinterface access from WAN  (Read 7528 times)

mic333

  • Newbie
  • *
  • Posts: 2
  • Karma: 1
    • View Profile
[SOLVED] Allow webinterface access from WAN
« on: July 20, 2015, 08:36:09 pm »
hello
im trying to configure opnsense to allow webinterface access from WAN (virtualbox). I check many configurations and no luck.
1.disable bogon and private networks - didnot help
2. create pass rule on wan (any to any) - didnot help
3. anti lockout rule disable -  didnot help

Is there any way to configure this ?
« Last Edit: September 10, 2015, 05:04:14 pm by franco »
Logged

phoenix

  • Hero Member
  • *****
  • Posts: 506
  • Karma: 55
    • View Profile
Re: Allow webinterface access from WAN
« Reply #1 on: July 20, 2015, 08:38:51 pm »
Surely you don't want to allow the world access to your firewall, that's not really good practice. Can't you use a VPN to get access to it?
Logged
Regards


Bill

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 13624
  • Karma: 1172
    • View Profile
Re: Allow webinterface access from WAN
« Reply #2 on: July 20, 2015, 09:41:20 pm »
If you do a test run in Virtual Box, on the interface assignment use don't assign a LAN (just hit enter) and then assign WAN to a bridged (or properly NATed interface). Then you'll have WAN access by default.
Logged

mic333

  • Newbie
  • *
  • Posts: 2
  • Karma: 1
    • View Profile
Re: Allow webinterface access from WAN
« Reply #3 on: July 21, 2015, 09:20:27 am »
Quote from: phoenix on July 20, 2015, 08:38:51 pm
Surely you don't want to allow the world access to your firewall, that's not really good practice. Can't you use a VPN to get access to it?

yes i now that, this is no good practice but for testing in virtualbox it can be very helpfull

Quote from: franco on July 20, 2015, 09:41:20 pm
If you do a test run in Virtual Box, on the interface assignment use don't assign a LAN (just hit enter) and then assign WAN to a bridged (or properly NATed interface). Then you'll have WAN access by default.

Thanks for the answer but i want a real working env. (2 cards and more). i can disable firewall by command pfctl -d, but after change something (submit) in panel it will automatic turn on and block me out. no port forward, rules on wan any to any not working.
On virtualbox network is set to WAN(bridge) and LAN(im trying with HOST an INTERNAL) if opnsense cant open this ports, maybe there is a configuration to bridge LAN side with the host runing virtualbox?


Logged

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 13624
  • Karma: 1172
    • View Profile
Re: Allow webinterface access from WAN
« Reply #4 on: July 21, 2015, 02:24:53 pm »
Well, try what I said, add an additional pass rule for port 443/tcp from WAN any to WAN address. After that, add the LAN through the GUI and after apply--given that the pass rule works--you can still access the GUI from WAN.
Logged

AdSchellevis

  • Administrator
  • Hero Member
  • *****
  • Posts: 849
  • Karma: 163
    • View Profile
Re: Allow webinterface access from WAN
« Reply #5 on: September 03, 2015, 02:28:06 pm »
In case the firewall rule on WAN fails to work, you probably need to disable the "route-to" option on this firewall rule.

Go to the firewall rule on wan, then "Advanced Options" and check "This will disable auto generated reply-to for this rule." this lets you access the firewall from another host within the same net without using the gateway.

Logged

  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 15.7 Legacy Series »
  • [SOLVED] Allow webinterface access from WAN
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2023 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy
    | XHTML | RSS | WAP2