I’ve got a pfSense instance that has a virtual IP. I realize I could probably just do a simple port forward, but at the moment, I’m trying to understand what is happening in this situation.
For the firewall, I have a virtual IP and associated rules to forward various ports to the virtual IP. Everything works perfectly, except for port 80. I had enabled port 80 so I could do a simple Let’s Encrypt challenge on the machine the virtual IP is mapped to. But that’s where things get strange. Instead of the port 80 requests going to the machine, pfSense intercepts the traffic for its management interface.
I don’t even have HTTP enabled on the default mapped IP for the interface – it’s HTTPS. I’m not sure why pfSense is intercepting and showing the management interface over port 80. But since I’m trying to access it via a DNS entry, pfSense gives me a potential DNS binding attack warning.
I can’t figure out how to watch it in the logs, either. Looking at the
I’m probably missing a simple checkbox somewhere, but I’ve spent several hours going through various options with no success.
Any ideas?