[ previous ] [ next ] [ threads ]
 
 From:  "Brian Watters" <brwatters at abs dash internet dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Administering from WAN
 Date:  Thu, 31 Mar 2005 21:24:15 -0800 
Create a nat rule allowing port 443 

WAN  TCP  443 (HTTPS)  192.168.2.254  443 (HTTPS)  REMOTE ADMIN 

Then a firewall rule locking the access down to specific IP addresses

TCP  12.12.12.12  *  192.168.2.254  443 (HTTPS)  NAT REMOTE ADMIN

PPTP scares us and we try to stay away from protocols that can be weak via
short usernames and passwords.

This way you can use your web browser without issue .. The best bet however
is to always admin your m0n0wall via the VPN (Ipsec) and only use the above
if you have specific sites (like home static ip needing access to the office
firewall) that you fully control.


BRW