[ previous ] [ next ] [ threads ]
 
 From:  Christoph Gysin <cgysin at gmx dot ch>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] webGUI from WAN question
 Date:  Mon, 06 Dec 2004 10:38:29 +0100
Chris Buechler wrote:
> I just updated this FAQ.  http://m0n0.ch/wall/docbook/faq-webGUI-from-WAN.html
> 
> The example shown will only work if you have a static public IP.  I'm
> looking for a sanity check.  If your WAN is DHCP, you'll have to set
> the destination to any, right?

But this is not what you want. If you set destination to any, you will
allow all https-traffic to all your hosts on the LAN.

> For situations like this, maybe the destination should have WAN
> interface address as an option in the drop down.  Or am I missing
> something?

Yes, this would be the prefered solution.

I did a small hack to get around this, by specifying an inbound NAT rule:
WAN  	 TCP  	 443 (HTTPS)  	 10.0.0.1  	 443 (HTTPS)  	 admin

Christoph
-- 
echo mailto: NOSPAM !#$.'<*>'|sed 's. ..'|tr "<*> !#:2" org@fr33z3