Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
17.1 Legacy Series
»
Webgui open from WAN
« previous
next »
Print
Pages: [
1
]
Author
Topic: Webgui open from WAN (Read 4711 times)
starf
Newbie
Posts: 2
Karma: 0
Webgui open from WAN
«
on:
February 23, 2017, 05:25:11 pm »
New user, starting off i want to say hello and thanks for an epic product from Belgium.
After testing, i noticed the webgui is open from the WAN
I'm no expert, only notable things i changed are:
* created a third interface and disabled it. (For a future guest network)
* created a port forwarding rule and deleted it because it didn't work
* renamed the wan interface to "Internet" and renamed it back to WAN
There is only one port forwarding rule and that's the Anti-Lockout rule.
Could it be there is some problem with port forwarding causing this? I'm seeing alot of threads about that here.
Any ideas about what to check? Is this a bug?
Thanks in advance.
Logged
bartjsmit
Hero Member
Posts: 2005
Karma: 193
Re: Webgui open from WAN
«
Reply #1 on:
February 23, 2017, 06:05:12 pm »
Hi Starf,
If you haven't set up a port forward and the GUI is accessible from the WAN, you most likely have your interface assignments mixed up. By default, the web GUI is only accessible from the LAN interface.
The anti-lockout rule does not port forward - it only ensures that you cannot block TCP 80 and TCP 443 from the LAN interface which would lock you out of the GUI.
It is worth noting that you can revert to an earlier config (or even the factory default) from the OPNsense console which is accessible from a keyboard and monitor or over SSH if you have configured that.
Bart...
Logged
starf
Newbie
Posts: 2
Karma: 0
Re: Webgui open from WAN
«
Reply #2 on:
February 23, 2017, 06:37:59 pm »
Yes, i know i can revert. Problem is, the system has been put into use already.
Guess i'll give it a try after office hours.
Logged
stormy
Jr. Member
Posts: 61
Karma: 8
Re: Webgui open from WAN
«
Reply #3 on:
March 06, 2017, 08:28:31 pm »
I think I got the same issue, and after some time, realized I was testing it incorrectly.
If testing from HOME/LAN and connecting to the External IP, then opnsense is smart enough to know that you are on the LAN (despite hitting the public IP), and it allows login. Also, tested from phone, but did it via wifi, which also travels through the opnsense box, so it too allowed login to web ui.
Finally, tested with phone without wifi, on cellular network, and it does not allow login to web gui on WAN port.
Hopefully this helps another newbie
Stormy.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
17.1 Legacy Series
»
Webgui open from WAN