[ previous ] [ next ] [ threads ]
 
 From:  Christoph Gysin <cgysin at gmx dot ch>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] webGUI from WAN question
 Date:  Tue, 07 Dec 2004 12:33:20 +0100
Chris Buechler wrote:
> It's not an ideal situation, but chances are exceedingly likely that
> this isn't going to grant access to anything but the webGUI.

Yes, you're right. In most cases, this would work as expected.

>>I did a small hack to get around this, by specifying an inbound NAT rule:
>>WAN      TCP     443 (HTTPS)     10.0.0.1        443 (HTTPS)     admin
> 
> That's still going to leave you with the same dilemma though, how do
> you set up the firewall rule that permits access through this NAT
> entry?

The only Problem was that the WAN IP could change due to DHCP. With the
above NAT rule, I can now create a firewall rule on my internal
Interface, which has a static IP:
TCP  	 *  	 *  	 10.0.0.1  	 443 (HTTPS)  	 NAT admin

Christoph
-- 
echo mailto: NOSPAM !#$.'<*>'|sed 's. ..'|tr "<*> !#:2" org@fr33z3