[SOLVED] Allow webinterface access from WAN

Started by mic333, July 20, 2015, 08:36:09 PM

July 20, 2015, 08:36:09 PM Last Edit: September 10, 2015, 05:04:14 PM by franco
Hello,
I'm trying to configure OPNsense to allow web interface access from WAN (VirtualBox). I checked many configurations and no luck.
1. Disable bogon and private networks - did not help
2. Create pass rule on WAN (any to any) - did not help
3. Anti-lockout rule disable - did not help

Is there any way to configure this ?

Surely you don't want to allow the world access to your firewall, that's not really good practice. Can't you use a VPN to get access to it?
Regards


Bill

If you do a test run in VirtualBox, on the interface assignment don't assign a LAN (just hit enter) and then assign WAN to a bridged (or properly NATed) interface. Then you'll have WAN access by default.

Quote from: phoenix on July 20, 2015, 08:38:51 PM
Surely you don't want to allow the world access to your firewall, that's not really good practice. Can't you use a VPN to get access to it?

Yes, I know that this is not good practice, but for testing in VirtualBox it can be very helpful.

Quote from: franco on July 20, 2015, 09:41:20 PM
If you do a test run in VirtualBox, on the interface assignment don't assign a LAN (just hit enter) and then assign WAN to a bridged (or properly NATed) interface. Then you'll have WAN access by default.

Thanks for the answer, but I want a real working environment (2 cards and more). I can disable the firewall with the command pfctl -d, but after I change something (submit) in the panel it automatically turns back on and locks me out. No port forward; rules on WAN any to any are not working.
In VirtualBox the network is set to WAN (bridge) and LAN (I'm trying with HOST and INTERNAL). If OPNsense can't open these ports, maybe there is a configuration to bridge the LAN side with the host running VirtualBox?



Well, try what I said, add an additional pass rule for port 443/tcp from WAN any to WAN address. After that, add the LAN through the GUI and after apply--given that the pass rule works--you can still access the GUI from WAN.

In case the firewall rule on WAN fails to work, you probably need to disable the "route-to" option on this firewall rule.

Go to the firewall rule on WAN, then "Advanced Options" and check "This will disable auto generated reply-to for this rule." This lets you access the firewall from another host within the same net without using the gateway.