So, I just realized that if i use my WAN IP in my browser from within my network, it brings me to my pfsense login page…
At first I panicked thinking this was also accessible externally, but luckily it is not.
I have rules in place to prevent devices from accessing the GUI unless they’re part of an alias, however if I access it in this way, it bypasses the check.
Why is my WAN IP resolving to my pfsense login?
Edit: As just about everyone has mentioned, this seems like NAT Reflection, however I have this disabled everywhere I’ve found. Here is the setting in System>>Advanced>>Firewall & NAT as well as in the individual NAT rules as seen here
Sounds like hairpin NAT. Don’t worry, the traffic never leaves your network
Thank you, that was the first thing I checked after having a near heart attack, haha. I thought the whole world could see my login for a second there.