OPNsense Forum
Archive => 22.7 Legacy Series => Topic started by: chicken on August 19, 2022, 08:49:47 pm
-
Hi, I am in the process of building a new server for my personal colo and it will be running TrueNAS Scale, and I wanted to run OPNsense for the firewall to protect a few VMs running on the Scale machine. I have the VM up and running fine along with the few different inside interfaces. The challenge I am running into is I cannot get access to the web interface of OPNsense from the WAN interface (I have it renamed to outside in my environment). This is a brand new install as of this morning of 22.7 with the latest updates inside. The WAN interface sits on my home network currently (10.200.200.0/24) along with my home PC I am trying to access it from.
To start, on the console of the VM I did a pfctl -d and I could access the firewall fine. I then went into the outside interface and made sure to disable the no rfc1918 rules, and I also checked to make sure the management interface was enabled for all interfaces. I then went into the WAN firewall rules and did a permit from my home network as a source with a destination of any tcp/443. When I applied the rule it re-enabled OPNsense and I could no longer get to the management GUI. I then disabled it again and tried changing the permit to any any and it still is not working. This rule is only needed temporarily while I configure the machine. I could access it other ways for now but I want to make sure it's not part of a bigger problem, as the rule "should" be working from what I can tell. I have been a long-term OPNsense user for my home but the colo has been running a very old PAN firewall VM that has since expired license-wise and I want to move to OPNsense. Any pointers on what I could be missing? In the logs it's showing it is getting caught by the default deny / state violation rule. My understanding is that should process last if nothing else is matching. Thanks!
-
A screenshot of the outside rule. Thanks
-
Poking around the forums, Reddit, etc., I see some similar types of issues where certain rules would not work. It seemed to be related to networking issues. This is a VM under TrueNAS Scale and I think I have it set up correctly. If I shut down the firewall engine with a pfctl -d I can then get to the firewall. But once I enable it, my rules don't seem to be working. I spun up a quick instance of pfSense CE and it works fine with the same type of rule I was trying to get working under OPNsense. Not sure where to go from here :( Anyone else running OPNsense on TrueNAS Scale?
-
Bumping this back up to see if anyone has any ideas on what is going on. Thanks for any guidance.
-
Try disabling reply-to in the advanced options of the firewall rule.
Cheers
Maurice
-
If you can't get that to work, consider setting up WireGuard on OPNsense and using that connection to gain access behind the WAN/Outside interface and not have to expose the web UI at all.