Step 1 – Enable HTTPS in pfsense
This is very important, especially if you are going to be accessing it over a public wifi network. To do this go to System -> Advanced, and change protocol to HTTPS, as well as the port number to something else – I use 8080.
Step 2 – Disable DNS binding and HTTP_REFERER
Disable DNS Rebinding Checks
Disable HTTP_REFERER enforcement check
If you need these enabled, then simply insert the hostname you use to access Pfsense in this box:
Alternate Hostnames for DNS Rebinding and HTTP_REFERER Checks.
For example, if you access your server using a dynamic address such as pfsensebox.homelinux.com, then you should but this address in that box.
Step 3 – Add firewall rule for port 8080
A firewall rule for inbound traffic on port 8080 needs to be created for the WAN interface. Failure to do this will result in the firewall rejecting any inbound requests (as it should). Click on **Firewall -> Rules **and ensure that the WAN tab is selected (it is by default).
- Select WAN interface
- Set source to any
- Set destination to WAN subnet
- For the to and from fields enter port 8080
- Click on save.
Here is a screenshot of the settings:
Step 5 – Forward port 8080 to your WAN interface address
Forward port 8080 (or whichever port you chose in step 1) on your router to your WAN interface address. This is necessary since all incoming connections on port 8080 will be rejected at your router by default. Port forwarding (also known as port mapping) is beyond the scope of this tutorial.