WAN management issue

[chicken]

Hi, I am in the process of building a new server for my person colo and it will be running Truenas Scale and I wanted to run OPNsense for the firewall to protect a few VMs running on the scale machine.  I have the VM up and running fine along with the few different inside interfaces.  The challenge I am running into is I cannot get access to the web interface of OPNsense from the WAN interface (i have it renamed to outside in my environment).  This is a brand new install as of this morning of 22.7 with the latest updates inside.  The WAN interface sits on my home network currently (10.200.200.0/24) along with my home PC I am trying to access it from. 

To start on the console of the VM I did a pfctl -d and I could access the firewall fine.  I then went into the outside interface I made sure to disable the no rfc1918 rules and I also checked to make sure the management interface was enabled for all interfaces.  I then went into the WAN firewall rules and did a permit from my home network as a source with a destination of any tcp/443.   When I applied the rule it reenabled OPNsense and I could no longer get to the management gui.  I then disabled it again and tried changing the permit to any any and it still is not working.  This rule is only needed temporary while I configure the machine.  I could access it other ways for now but I want to make sure its not part of a bigger problem as the rule "should" be working from what I can tell.  I have been a long term OPNsense user for my home but the colo has been running a very old PAN firewall VM that has since expired license wise and I want to move to OPNsense.  Any pointers on what I could be missing?  In the logs its showing it is getting caught but the default deny / state violation rule.  My understand is that should process last if nothing else is matching.  Thanks!

[chicken]

A screenshot of the outside rule.  Thanks

[chicken]

poking around the forums, reddit, etc I see so similar types of issues were certain rules would not work.  It seemed to be related to networking issues.  This is a VM under truenas scale and I think I have it setup correctly.  If I shut down the firewall engine with a pfctl -d I can then get to the firewall.  But once I enable it, my rules dont see to be working.  I spun up a quick instance of pfsense CE and it works fine with the same type rule I was trying to get working under opnsense.  Not sure where to go from here    Anyone else running opnsense on truenas scale?

[chicken]

bumping this back up to see if anyone has any ideas on what is going on.   Thanks for any guidance. 

[Maurice]

Try disabling reply-to in the advanced options of the firewall rule.

Cheers
Maurice

[Vesalius]

If you can't get that to work, consider setting up wireguard on opnsense and using that connection to gain access behind the WAN/Outside interface and not have to expose the webui at all.