pfSense is a firewall software used to monitor and control incoming and outgoing network traffic based on predetermined security rules, pfSense installs a physical computer or virtual machine. pfsense firewall is generally managed (web interface) via the internal or LAN (Local area network) interface.
By default, pfsense 2.5.2 doesn’t allow remote access to the web interface from WAN. This step-by-step tutorial shows you how to enable pfSense 2.5.2 administration (web interface) via the WAN (Wide area network) interface.
Demo environment (Virtual)
- CPU: 64-bit
- RAM: 4GB
- Disk drive: 10GB
- Network Interface: 2
- LAN IP: 192.168.3.1
Method 1- Creating firewall rules
Use this method, if you already have access to the web interface via LAN. In this method, the PFSense firewall is accessed via the internal or LAN interface and creates a firewall rule.
1. Open Interfaces > WAN
Untick Block private networks and loopback addresses and click Save.
2. Open Firewall > Rules > WAN Tab and Add Firewall Rule
Edit Firewall Rule Settings
- Action: pass
- Interface: WAN
- Address Family: IPv4
- Protocol: TCP
Configure Source Settings
- Source: Any
Configure Destination Settings
- Destination: WAN Address
- Destination port range: HTTP (Or the custom port)
Click Save to add the firewall rule.
pfSense 2.5.2 administration (web interface) via the WAN interface has been enabled.
Method 2 – Disabling packet filter
This is a temporary method, used if you have no access to the web interface via LAN. In this method access the pfsense firewall via SSH or console and disable the packet filter.
1. Choose option 8 (Shell) and press Enter key.
2. Enter pfctl -d and press Enter key. (Disable packet filter)
This will disable the packet filter entirely and you will be able to access the web interface from any interface. This method is useful for temporary or first time setups.
Commands
- Enable packet filter
pfctl -e
- Disable packet filter
pfctl -d
LAN and WAN ports
LAN port is one that connects computers and other Devices, LAN port stands for Local Area Network port. LAN network covers a small geographical area. A WAN port is used to establish a connection with an external network like the internet. WAN port stands for Wide Area Network port. Both are quite the same. They only differ in terms of their usage.