Author Topic: no access to the webGUI from outside the opnsense (Read 4151 times)

opnsenuser · « **on:** July 06, 2019, 11:24:09 am »

Hi everyone,
on my 2 opnsense boxes (both supermicro E300-8D) I can't access the webGUI from the outside world (management network)

setup for testing external access:
laptop with static address in the same subnet directly connected to the managementinterface
* access the ip with a browser (https://$ip) -> can't connect
* curl the interface ip (curl -k https://$ip) -> timeout

What I've tried:
* checked /var/log/lighttpd.log -> server started
* verify that lighttpd listens on the required interfaces -> managementip :443, loopback :443
* curl the interface address from the opnsense locally -> the loginpage shows up

the above options don't show any errors

what's weird is this:
* ping from the opnsense to the laptop (with icmp allowed) -> destination can not be reached
* forwarding works just as ever
* no incoming connections in pftop with filter to the laptops static ip

Am I missing something?

thanks for your ideas

opnsenuser

JhonnyMnemonic · « **Reply #1 on:** July 06, 2019, 12:12:13 pm »

Firewall: Rules: WAN

Proto Source Port Destination Port Gateway Schedule Description
IPv4 TCP/UDP * * WAN address 443 (HTTPS) * Allow WAN access

IMPORTANT --> disable reply-to: checked

opnsenuser · « **Reply #2 on:** July 06, 2019, 12:27:49 pm »

Hi,
@JhonnyMnemonic:
The webgui or any other management service should not be accessible via the wan, only via the internal management network.

opnsenuser

JhonnyMnemonic · « **Reply #3 on:** July 06, 2019, 02:21:56 pm »

Sorry I thought that for "outside world (management network)" you meant that you are in a double NAT configuration with OPNsense behind another router.