So, I just realized that if i use my WAN IP in my browser from within my network, it brings me to my pfsense login page…

At first I panicked thinking this was also accessible externally, but luckily it is not.

I have rules in place to prevent devices from accessing the GUI unless they’re part of an alias, however if I access it in this way, it bypasses the check.

Why is my WAN IP resolving to my pfsense login?

Edit: As just about everyone has mentioned, this seems like NAT Reflection, however I have this disabled everywhere I’ve found. Here is the setting in System>>Advanced>>Firewall & NAT as well as in the individual NAT rules as seen here

Outbound NAT

Port Forwards

  • Superb
    link
    fedilink
    English
    51 year ago

    Sounds like hairpin NAT. Don’t worry, the traffic never leaves your network

    • @rootOP
      link
      21 year ago

      Thank you, that was the first thing I checked after having a near heart attack, haha. I thought the whole world could see my login for a second there.