Put m0n0wall's IP in Internet Explorer's restricted sites zone. It is under
internet options --> security.
I just tried it- I could surf the web, but couldn't get into the m0n0 IP.
From: Mikael Bohlin [mailto:Mikael dot Bohlin at se dot flextronics dot com]
Sent: Thursday, July 08, 2004 1:53 AM
To: m0n0wall at lists dot m0n0 dot ch
Subject: [m0n0wall] Odd kind of setup?
I'm about to test the Monowall in a slightly different scenario then what I
guess most of you guys do.
I am about to build a separate network for our viristors and guests. From
this Visitor network our guests should get Internet access but no access to
our company resources.
On this network I connect the Monowall LAN interface, enables DHCP and DNS
forwarding. I will also use the Captive portal function, forcing them to log
On my company network I connect the Monowall WAN interface.
With this setup there pop's up a couple of questions:
- Can I disable the Management on the LAN interface??? I do no want any
clever visitor trying to logon to the Monowall and changing stuff.
- When a user logs on to the Captive portal page, it performs a HTTP POST
sending the user ID and password in clear text. Any user with a network
sniffer will easily find the others credentials... Can this be changed into
a HTTPS-POST??? It would add a lot of security into it.
IT Security Coordinator
Flextronics Network Services