OPNsense Forum
English Forums => General Discussion => Topic started by: Andrew Crane on June 04, 2018, 08:36:28 pm
-
I have a fresh 18.1 install that I'm testing. It's currently on my private network with an RFC1918 DHCP-assigned WAN address.
Problem is, despite enabling access from WAN Net, and removed the Interface's restriction on RFC1918 sourced addresses, I cannot access the installation's WebGUI via the WAN interface. Even if I enable very permissive pass rules, I still seeing Default Deny rule hits from WAN Net addresses in the firewall log. I see the WAN's MAC address in other hosts' ARP tables, but I'm not getting echo replies, or access via the WebGUI on TCP:443.
I can ping out from the interface with no problem.
Ideas welcome! Many thanks.
-
Hi,
Two candidates, could be one or the other or both:
1. You need to disable reply-to globally for your test setup (Firewall: Settings: Advanced)
2. If you have a LAN, WAN is not permitted to receive web GUI connections by default. Add a pass rule under Firewall: Rules: [WAN].
Cheers,
Franco
-
Thank you so much.
Disabling reply-to on WAN rules did the trick.
:)
-
Yay, happy to help! 8)
Cheers,
Franco
-
Hi Franco,
I had the same issue and your very helpful advice of Disabling reply-to at the firewall setting solved my problem. However, I am a bit confused.
Now when I create a new rule, that field is unchecked on the rule. It seems like the firewall setting is overriding the option selected on the rule. If this is the case, I would expect the option the on the rule to be greyed out. If the firewall setting does not override the rule, I would expect the option on the rule to default to the firewall setting. What do you think?