My ISP provided me a P2P IP block so I setup a pfSense and put it in “disable all packet filtering” mode under Advanced > Firewall & NAT. This did the routing as desired and worked great for some time. During a pen test exercise, I realized the web admin for pfSense is available on the WAN interface which makes sense since the firewall is disabled. This is, of course, undesirable. What can I do to prevent web access on the WAN interface?