So, I just realized that if i use my WAN IP in my browser from within my network, it brings me to my pfsense login page…

At first I panicked thinking this was also accessible externally, but luckily it is not.

I have rules in place to prevent devices from accessing the GUI unless they’re part of an alias, however if I access it in this way, it bypasses the check.

Why is my WAN IP resolving to my pfsense login?

Edit: As just about everyone has mentioned, this seems like NAT Reflection, however I have this disabled everywhere I’ve found. Here is the setting in System>>Advanced>>Firewall & NAT as well as in the individual NAT rules as seen here

Outbound NAT

Port Forwards

  • gramathy
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    1 year ago

    Also if the pfsense router is where the WAN IP lives as might be the case in simpler setups where it is the wan router, it would just note that “hey thats me” and resolve unless there were specific rules preventing that traffic.