|
|
RE: Disable Web GUI on OPT and/or LAN interfaces?: msg#00284security.firewalls.m0n0wall
Two firewall rules will sort it. One rule blocks connection attempts to the Web GUI entering on the DMZ interface to the DMZ interface IP, the other to the LAN interface IP. Action: Block Interface: DMZ Protocol: TCP Source: Any Source Port Range: Any/Any Destination Type: Single Host/Alias Destination Address: [Your DMZ IP] Destination Port Range: 80/80 (or whatever your GUI port is) Log: Yes (allows you to see which IPs are attempting to connect) Description: Block Web Admin from DMZ to DMZ interface Action: Block Interface: DMZ Protocol: TCP Source: Any Source Port Range: Any/Any Destination Type: Single Host/Alias Destination Address: [Your LAN IP] Destination Port Range: 80/80 (or whatever your GUI port is) Log: Yes (allows you to see which IPs are attempting to connect) Description: Block Web Admin from DMZ to LAN interface >-----Original Message----- >From: Mikael Bohlin [mailto:Mikael.Bohlin@xxxxxxxxxxxxxxxxxx] >Sent: 11 August 2004 10:37 >To: m0n0wall@xxxxxxxxxxxxx >Subject: [m0n0wall] Disable Web GUI on OPT and/or LAN interfaces? > > > >I have guests connecting to a DMZ on the OPT interface, and >all works fine. > >But... > >These guests can connect to the web gui by surfing to their >"gateway", and >if they manage to guess the userid/password they can change or reset my >setup. > >Q: How can I restrict on what interface I want to allow the >Web gui? I only >want the GUI accessible on the LAN interface... > >Thanks, > >Mikael > JET PRESS LIMITED Nunn Close Huthwaite Nottinghamshire NG17 2HW UK Web: www.jetpress.com Tel: +44-1623-551 800 Fax: +44-1623-551 175 Confidentiality Notice This message and its contents are confidential. The contents are solely for the attention of the recipient(s) named above and any unauthorised disclosure, copying or distribution is forbidden. If you are not the recipient named above, please contact the sender immediately and destroy this message. The views expressed in this message are those of the sender and not necessarily those of JET PRESS LIMITED. |
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| Previous by Date: | Disable Web GUI on OPT and/or LAN interfaces?: 00284, Mikael Bohlin |
|---|---|
| Next by Date: | Re: PPTP problem with Linux Client: 00284, Peter Allgeyer |
| Previous by Thread: | Disable Web GUI on OPT and/or LAN interfaces?i: 00284, Mikael Bohlin |
| Next by Thread: | Custom mm0n0wall ISO: 00284, Roberto Pereyra |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
| News | FAQ | advertise |