Create a rule using shell in fresh pfSense installation to open up WAN access to WebConfigurator

freebsd pfsense pf
12,660

Solution 1

Try this on the shell to disable PF temporarily:

pfctl -d

Then once you are able to login and create the rules turn PF back on with:

pfctl -e

I've had to do exactly what you describe before when I locked myself out remotely.

Solution 2

If you are using a pfSense installation, use the tools pfSense offers to make changes.
You can go and poke around on the command line, but you shouldn't unless you absolutely need to, and you can make the changes almost as quickly through their GUI as you could on the command line.

A better solution in your case might be to set up a VPN connection and put yourself on the inside network that way rather than punching holes in your firewall. It's more secure, particularly in that you're not relying on time as a defense ("The hole is only open for a few minutes" only works if nobody falls in during that time) and there's no chance of forgetting to close the firewall back up when you're done.
(That link is to OpenVPN setup instructions in the pfSense docs - I assume that's probably the best solution for you to connect a single box to the inside network. There are also PPTP and IPSEC options available if you poke around in the docs.)

Share:
12,660

Related videos on Youtube

tacos_tacos_tacos
Author by

tacos_tacos_tacos

Updated on September 18, 2022

Comments

  • tacos_tacos_tacos
    tacos_tacos_tacos almost 2 years

    I am in a situation where I require WAN access to be opened up to the WebConfigurator through pfSense because I do not have another node connected to the same network to access WebConfigurator from the inside. Ideally I would like to just do this in shell and either directly modify pf's config to "allow all" just long enough for me to open up WAN access to WebConfigurator from my IP, or modify config.xml to add that rule manually. Does anybody have any insight into how to accomplish this?

  • tacos_tacos_tacos
    tacos_tacos_tacos about 12 years
    I would have done this - in fact I am trying to setup OpenVPN anyway -but this is a new virtual environment with very limited resources so the pfSense is basically by itself

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

How to fix timezone data in pfSense/freeBSD?
Installing pfSense on amazon ec2 instance
Slow upload speeds with pfsense virtual appliance
PF rules and configuration to allow a local IP alias to NAT on FreeBSD?
How do you expand /var in pfsense when you run it in memory?
How to change the webgui password in pfsense from a console?
Ierrs on Network Interface - Pfsense/Freebsd
How to grant su access without password to one user only in wheel group (FreeBSD)?
How can I disable NTP in pfsense?
Pfsense mbuf full, what to do?