pfSense Firewall

Enabling pfSense 2.7.2 administration via the WAN interface

pfSense 2.7.2 is a firewall software used to monitor and control incoming and outgoing network traffic based on predetermined security rules, pfSense installs a physical computer or virtual machine. pfsense firewall is generally managed (web interface) via the internal or LAN (Local area network) interface.

By default, pfsense 2.7.2 doesn’t allow remote access to the web interface from WAN. This step-by-step tutorial shows you how to enable pfSense 2.7.2 administration (web interface) via the WAN (Wide area network) interface.

Demo environment (Virtual)

  • CPU: 64-bit
  • RAM: 4GB
  • Disk drive: 10GB
  • Network interface: 2

Method 1- Creating firewall rules

Use this method, if you already have access to the web interface via LAN. In this method, the PFSense firewall is accessed via the internal or LAN interface and creates a firewall rule.

1. Open Interfaces > WAN

Untick Block private networks and loopback addresses and Save.

This tutorial shows you how to enable pfSense 2.7.2 administration via the WAN interface

2. Open Firewall > Rules > WAN Tab and Add Firewall Rule

  • Edit Firewall Rule Settings
  • Action: pass
  • Interface: WAN
  • Address Family: IPv4
  • Protocol: TCP
This tutorial shows you how to enable pfSense 2.7.2 administration via the WAN interface

Source Settings

  • Source: Any

Destination Settings

  • Destination: WAN Address
  • Destination port range: HTTP (Or the custom port)

And Save the Rule

This tutorial shows you how to enable pfSense 2.7.2 administration via the WAN interface

Method 2 – Disabling packet filter

This is a temporary method, used if you have no access to the web interface via LAN. In this method access the pfsense firewall via SSH or console and disable packet filter.

1. Choose option 8 and press Enter key.

This tutorial shows you how to enable pfSense 2.7.2 administration via the WAN interface

2. Type pfctl -d and press the Enter key.

This tutorial shows you how to enable pfSense 2.7.2 administration via the WAN interface

This will disable the packet filter entirely and you will be able to access the web interface from any interface. This method is useful for temporary or first-time setup.

  • Enable packet filter pfctl -e
  • Disable packet filter pfctl -d