Allowing HTTPS through the pfSense Firewall
Solution 1
Fixed it.
Apparently you have to put the ALLOW rules first then you put in the BLOCK rules when doing firewall rules on the WAN interface.
Solution 2
Besides the firewall rule you mentioned, you also need to add port forward rule which points to the internal web server. The idea is when pfsense firewall detects a network connection to TCP port 443, it will redirect the traffic to internal web server TCP port 443.
Follow the steps below to create a port forward under pfsense: (I assume your internal web server has ip address of 192.168.1.1)
After logging into pfsense, goto Firewall --> NAT
Choose Port Forward:, then choose the create button from the right hand side:
Create port forward similar to the screen shown below:
Save the change and you should be ready to go.
Related videos on Youtube
Jason
Updated on September 18, 2022Comments
-
Jason over 1 year
I've included my current setup.
However, when I try and access the firewall from outside my organization, I only get this:
ERR_CONNECTION_TIMED_OUT
Am I not the correct protocols through?
EDIT:
(not mentioned is above this ruleset I back a default catch and block ALL for ALL protocols thinking that I set a block all then allow on a case by case basis.)
So I narrowed down the issue... I think. Apparently, it works fine if you leave the protocol blocked to TCP/UDP. But the moment you try and block ALL protocols it seems to also break OpenVPN and HTTPS.
Maybe I need to allow one of the other protocols as well?
-
Jason almost 8 yearsHowever, I am not port forwarding in this case since pfSense listens on the public IP address.
-
Simon MC. Cheng almost 8 yearsYou also need to perform port forwarding to redirect outside traffic to internal web server. Glad to know you have fixed the problem.