Move GUI Access to IT Management VLAN?

Started by dcline, December 09, 2020, 07:24:53 PM

Hi all,

I'm trying to move my Web GUI Access from the default LAN over to my IT Management VLAN where my equipment resides. Even when using an "Any Any" firewall rule for my VLAN (to rule out any Anti-lockout issues) I still cannot get access to the Web GUI unless I put my machine back onto the LAN Network.

Is there something I'm missing?

System: Settings: Administration
Listen interfaces
"The S in IoT stands for Security!" :)

December 09, 2020, 07:59:30 PM #2 Last Edit: December 09, 2020, 08:01:27 PM by dcline
Quote from: Gauss23 on December 09, 2020, 07:54:51 PM
System: Settings: Administration
Listen interfaces

It's currently set to "All".

Edit: Tried setting to LAN & IT Management VLAN and still can't access it from the VLAN.

Did you set it to "All"? Sometimes a reload of the GUI services is needed. Or do a reboot if it doesn't hurt your clients.
"The S in IoT stands for Security!" :)

December 09, 2020, 08:05:36 PM #4 Last Edit: December 09, 2020, 08:19:19 PM by dcline
Quote from: Gauss23 on December 09, 2020, 08:01:09 PM
Did you set it to "All"? Sometimes a reload of the GUI services is needed. Or do a reboot if it doesn't hurt your clients.

It was set to "All" by default. Let me try a reboot.

Edit: reboot didn't help.

Did you see that "Listen interfaces" is there two times? For WebGui and for SSH. Just to be sure you looked for the right one.
"The S in IoT stands for Security!" :)

Quote from: Gauss23 on December 09, 2020, 08:08:28 PM
Did you see that "Listen interfaces" is there two times? For WebGui and for SSH. Just to be sure you looked for the right one.

Yup. I can access the Web GUI when I disable pfblocker. I can confirm that my Firewall rules are Allow Any Any and that they are the only rules. I even added an Allow Any This Firewall Rule just in case.

For kicks and giggles I spun up a pfSense and ran the same configuration and I can access the Web GUI just fine on this VLAN, not sure what I'm doing wrong on OPNsense.

Please open an SSH session and start a shell. Then run: netstat -4an

Do you see port 80 (and 443 if SSL access is configured) opened on all interfaces? Maybe change from "all" to only LAN and VLAN interface. Maybe there is some glitch in the config file which will be solved by setting it to something else.
"The S in IoT stands for Security!" :)
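
Added example, not part of the original thread or any poster's code: a small sh helper for the `netstat -4an` check suggested above. It lists which local addresses have ports 80/443 in LISTEN state and tests whether a given interface address is covered. The sample output and the addresses 192.168.1.1 (LAN) and 10.0.20.1 (management VLAN) are constructed for illustration; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: find which local addresses the web GUI ports are bound to,
# from FreeBSD-style `netstat -4an` output (local address shown as addr.port).

# Constructed sample output; all addresses are made up for illustration.
sample_netstat() {
cat <<'EOF'
Active Internet connections (including servers)
Proto Recv-Q Send-Q Local Address          Foreign Address        (state)
tcp4       0      0 192.168.1.1.443        *.*                    LISTEN
tcp4       0      0 192.168.1.1.80         *.*                    LISTEN
tcp4       0      0 192.168.1.1.22         *.*                    LISTEN
tcp4       0      0 127.0.0.1.53           *.*                    LISTEN
tcp4       0     44 192.168.1.1.22         192.168.1.50.51514     ESTABLISHED
udp4       0      0 *.67                   *.*
EOF
}

# Print "address port" for every TCP socket in LISTEN state on the given ports.
# usage: netstat -4an | listeners "80 443"
listeners() {
    awk -v ports="$1" '
        BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) want[p[i]] = 1 }
        $1 ~ /^tcp/ && $NF == "LISTEN" {
            addr = $4; port = $4
            sub(/\.[^.]*$/, "", addr)   # strip the trailing .port
            sub(/^.*\./, "", port)      # keep only the port
            if (port in want) print addr, port
        }'
}

# Succeed if the given interface address, or the wildcard "*", listens on the port.
# usage: netstat -4an | bound_on 10.0.20.1 443
bound_on() {
    listeners "$2" | awk -v ip="$1" '$1 == ip || $1 == "*" { ok = 1 } END { exit !ok }'
}

# Demo on the constructed sample: the GUI ports are bound to the LAN address only.
sample_netstat | listeners "80 443"
sample_netstat | bound_on 10.0.20.1 443 || echo "10.0.20.1:443 has no listener"
```

On the firewall itself, pipe the real `netstat -4an` output into the functions instead of `sample_netstat`. A listener on `*` or on the VLAN interface address means the GUI service is bound there and the problem lies elsewhere, such as filtering.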