[ previous ] [ next ] [ threads ]
 From:  "Norman H. Azadian" <norman at azadian dot ch>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  outside access to web GUI
 Date:  Tue, 17 Jan 2006 17:03:54 +0100
I'd like to set up the web GUI for outside access, but I'm having a hard 
time with the FAQ 16.18 which purports to explain it.  In particular, this 

> Note
> You may need to change the port number used by the webGUI. If you have used inbound NAT to open
HTTPS to a web server, you'll have to change that port number to something other than the default
443, and change the destination port on the firewall rule shown below accordingly.

I do have the case described (443 routed to my web server), but don't 
understand what I need to do.  The way I read this I have to change the 
existing NAT to use a number other than 443, and also use that same number 
in the new rule.  I can't understand the point of changing both of them. 
Can I pick a random number, or must it be an unused port?  Must it be below 

At least for this Bear of Very Little Brain, the note needs some clarification.

Norman H. Azadian    Taegerishalde 13    CH-3110 Muensingen    Switzerland
norman at azadian dot ch      tel: +41 31 721 7855      fax: +41 31 55 898 55

James Griffioen wrote:
> For reason's not worth explaining, I would like to configure the monowall
> so that LAN clients can use the monowall's WAN address when trying to access
> a web server that is on the LAN.  External (Internet) hosts can already access
> the web server via the rules I entered for inbound NAT, but LAN clients can
> only seem to access the web server if they know its internal address.
> I cannot seem to find any combinations of rules and/or static routes that will
> allow TCP packets arriving on the LAN interface carrying the WAN interface's IP
> address as the destination address to be fowarded back to the web server on
> the LAN.  This used to work with the linksys router that I was using before
> I replaced the linksys with the monowall.
> Any help would be greatly appreciated.
> Jim
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch