Allowing Remote Access to the OPNsense GUI
OPNsense is a powerful and user-friendly open-source router solution based on FreeBSD. This article will show you the steps to configure a firewall rule in OPNsense to allow remote access to the OPNsense GUI remotely via WAN.
Login to Your OPNsense Router
Start by accessing your OPNsense router:
- Use the console or IPMI interface to log in to your OPNsense device.
- Enter your login credentials (username and password) to gain access.
Disable the Firewall Temporarily
If you don’t have local network access to the OPNsense router, you will need to temporarily disable the firewall to access the OPNsense GUI remotely through the WAN interface.
To disable the firewall, run the following command in the console:
pfctl -d
Access the OPNsense Web UI
- Navigate to the OPNsense Web UI by entering the router's IP address in the web browser address bar.
- Log in to the Web UI using your root credentials.
Add a Firewall Rule for HTTPS on the WAN Interface
To allow HTTPS traffic through the WAN interface, follow these steps:
- In the Web UI, navigate to:
Firewall > Rules > WAN. - Click the Add button to create a new rule.
- Set the following parameters for the new rule:
- TCP/IP Version:
TCP - Destination:
WAN address - Destination Port Range:
- From:
HTTPS - To:
HTTPS
- From:
- Click the Apply Changes button to save and activate the new firewall rule.
Final Notes
- If you are accessing the WAN interface from a private (local) network, go to GUI → Interfaces → [WAN] and uncheck "Block private networks". This will allow access to the WAN interface from local networks as well.
- Once the firewall rule is created and applied, remote access will be allowed through the WAN interface.
- Remember to re-enable the firewall if it was disabled earlier using the command:
pfctl -e
- Always double-check your firewall rules to ensure security and proper functionality.