[HELP][Solved] OPNSense accessible on WAN by default?
from Croquette@sh.itjust.works to selfhosted@lemmy.world on 13 Dec 18:14
https://sh.itjust.works/post/29442116

Solved : I was still on my local network instead of my LTE network, so I was accessing the global ip through the local network, and thus the access page.

Hello,

I am running OPNSense as my router for my ISP and my local network.

When I access my global ip, it lands me on the login page of my OPNSense router. Is that normal?

The only Firewall WAN Rule I added is the rule to enable my Wireguard instance (and I disabled it to test if that was the issue)

I was messing with the NAT Outbound for the Road Warrior setup as explained in the OPNSense Road Warrior tutorial, but that rule is also disabled.

I enabled OutboundDNS to override a local domain.

And I have a dynamic DNS to access my VPN with a FQDN instead of the ip directly.

But otherwise, I have the vanilla configuration. I disabled all of these rules I’ve created to make sure that they weren’t the issue, and I can still access my OPNSense from the WAN interface.

So is that a normal default behaviour? If so, how can I disable the access to the OPNSense portal from the WAN and keep it from within one of my LAN/VLAN?

___

#selfhosted

threaded - newest

I_Am_Jacks_____@lemmings.world on 13 Dec 18:18 collapse

Are you on the LAN when accessing the WAN IP? If so, that is allowed. Try to connect outside your network and I suspect it will fail

Croquette@sh.itjust.works on 13 Dec 19:00 collapse

Yeah that was the issue. I though I had switched to my LTE network connection from my phone, but my phone was still on my local network.

Thanks for the answer