[ previous ] [ next ] [ threads ]
 
 From:  "James W. McKeand" <james at mckeand dot biz>
 To:  <a dot shirazi at datak dash telecom dot net>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] web-interface wan access
 Date:  Mon, 27 Dec 2004 09:14:27 -0500
a dot shirazi at datak dash telecom dot net wrote:
> Hi all,
> 
> I coudnt see monowall web-interface from WAN,
> How coluld I allow to this access?
> Do I manually add a rule to open web port on monowall?
> 
> 
> Regards,
> shirazi
> 
> 
>
---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch

Take a look at:
http://www.m0n0.ch/wall/docbook/faq-webGUI-from-WAN.html

I'm coping the note on the bottom of the page:

Note
Opening your webGUI to the entire internet is a *BAD IDEA*. Limit it
to only the IP address required. If the remote administration host is
on DHCP, you can limit it to the remote machine's ISP's netblock
rather than opening it to the entire internet. Opening your firewall
administration interface to the entire internet, even with strong
authentication, is *STRONGLY DISCOURAGED* on any firewall.

I agree with this statement. IMHO, it is a better idea to setup a VPN
(pick a flavor - PPTP, IPSEC, or OpenVPN) then manage the m0n0wall
after connecting (Authenticated and Encrypted).

_________________________________
James W. McKeand