[ previous ] [ next ] [ threads ]
 
 From:  "Norman H. Azadian" <norman at azadian dot ch>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  outside access to web GUI
 Date:  Tue, 17 Jan 2006 17:03:54 +0100 
I'd like to set up the web GUI for outside access, but I'm having a hard 
time with the FAQ 16.18 which purports to explain it.  In particular, this 
text:

> Note
> You may need to change the port number used by the webGUI. If you have used inbound NAT to open
HTTPS to a web server, you'll have to change that port number to something other than the default
443, and change the destination port on the firewall rule shown below accordingly.

I do have the case described (443 routed to my web server), but don't 
understand what I need to do.  The way I read this I have to change the 
existing NAT to use a number other than 443, and also use that same number 
in the new rule.  I can't understand the point of changing both of them. 
Can I pick a random number, or must it be an unused port?  Must it be below 
1024?

At least for this Bear of Very Little Brain, the note needs some clarification.

NHA
---
Norman H. Azadian    Taegerishalde 13    CH-3110 Muensingen    Switzerland
norman at azadian dot ch      tel: +41 31 721 7855      fax: +41 31 55 898 55


James Griffioen wrote:
> For reason's not worth explaining, I would like to configure the monowall
> so that LAN clients can use the monowall's WAN address when trying to access
> a web server that is on the LAN.  External (Internet) hosts can already access
> the web server via the rules I entered for inbound NAT, but LAN clients can
> only seem to access the web server if they know its internal address.
> 
> I cannot seem to find any combinations of rules and/or static routes that will
> allow TCP packets arriving on the LAN interface carrying the WAN interface's IP
> address as the destination address to be fowarded back to the web server on
> the LAN.  This used to work with the linksys router that I was using before
> I replaced the linksys with the monowall.
> 
> Any help would be greatly appreciated.
> 
> Jim
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>