On Sun, 16 Jan 2005 14:41:34 -0500, William Arlofski
<waa dash m0n0wall at revpol dot com> wrote:
> Hi Peter.
> I would point it to 127.0.0.1, not your internal LAN IP. (probably not
> an issue though)
> It is a two-part process to allow what you want. You did step #2, but
> missed step #1. :)
> Step #1: You need to make sure that you have an INBOUND NAT rule
> configured to map incoming WAN conections on port 81 to 127.0.0.1
> Step #2: THEN you add the firewall rule to actually alow these
> connections in.
> To save time, can even select "Auto-add a firewall rule to permit
> traffic through this NAT rule" when adding the INBOUND NAT rule so there
> is no need for step #2 in that case. :)
> If, however, you are like me and are a bit anal retentive about who is
> allowed to connect to your web GUI on the M0n0, you might consider
> visiting the firewall rules and limit the SOURCE IP to an IP or block of
> IPs that you own so that the whole world is not allowed to hit the web
That'll work, but you don't have to use NAT.