|
||||||||
Chris Buechler wrote: > It's not an ideal situation, but chances are exceedingly likely that > this isn't going to grant access to anything but the webGUI. Yes, you're right. In most cases, this would work as expected. >>I did a small hack to get around this, by specifying an inbound NAT rule: >>WAN TCP 443 (HTTPS) 10.0.0.1 443 (HTTPS) admin > > That's still going to leave you with the same dilemma though, how do > you set up the firewall rule that permits access through this NAT > entry? The only Problem was that the WAN IP could change due to DHCP. With the above NAT rule, I can now create a firewall rule on my internal Interface, which has a static IP: TCP * * 10.0.0.1 443 (HTTPS) NAT admin Christoph -- echo mailto: NOSPAM !#$.'<*>'|sed 's. ..'|tr "<*> !#:2" org@fr33z3 |