OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 18.7 Legacy Series »
  • Bind web interface & SSH to Loopback interface (lo0)?
« previous next »
  • Print
Pages: [1]

Author Topic: Bind web interface & SSH to Loopback interface (lo0)?  (Read 6399 times)

jailbird

  • Newbie
  • *
  • Posts: 3
  • Karma: 0
    • View Profile
Bind web interface & SSH to Loopback interface (lo0)?
« on: May 10, 2018, 01:28:23 am »
I'm sure I have a somewhat weird setup for home/SMB, but it's probably fairly common in large environments..

I don't have machines directly attached on the 'internal'/'trust'/whatever side of OPNsense.  I have multiple interfaces, each one attached to a different L3 switch, which static routes set for each one.  Everything works great, but obviously since each interface has its own IP, it would be nice to use a loopback address for administration/management.  This is pretty common even for routing protocols in larger environments.

So I used Firewall: Virtual IPs: Settings to add a Virtual IP to the Loopback interface.  That loopback now works correctly everywhere, yay!  The only problem is in System: Settings: Administration, under HTTPS & SSH, Loopback isn't available as an interface to bind to.  I'm sure it's fairly easy to fix and I'm going to look at the code, but I'm curious if there's a reason not to other than "nobody has ever done it before"?

This is how I access all of my other networking gear (Extreme switch, HPe/H3C switch, Juniper SRX, etc), so I'm just trying to make it similar.
Logged

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 13699
  • Karma: 1178
    • View Profile
Re: Bind web interface & SSH to Loopback interface (lo0)?
« Reply #1 on: May 14, 2018, 09:42:14 am »
It's not my favourite setup, but let me add it for you. :D


Cheers,
Franco
Logged

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 13699
  • Karma: 1178
    • View Profile
Re: Bind web interface & SSH to Loopback interface (lo0)?
« Reply #2 on: May 14, 2018, 09:46:00 am »
Although I need to think of a cleaner way, this reminds of me of code that we are trying to get rid of... to be continued...
Logged

jailbird

  • Newbie
  • *
  • Posts: 3
  • Karma: 0
    • View Profile
Re: Bind web interface & SSH to Loopback interface (lo0)?
« Reply #3 on: May 15, 2018, 05:55:03 am »
Hah, no rush.  Is there a better/more preferred way to handle this then?
Logged

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 13699
  • Karma: 1178
    • View Profile
Re: Bind web interface & SSH to Loopback interface (lo0)?
« Reply #4 on: May 15, 2018, 07:47:46 pm »
Not really. It was always uneasy. Sometimes "Loopback" options are advertised, but mostly they are not.

What we really need is an optional loopback interface that can be assigned in the GUI so it magically works with the SSH and web GUI interface selection. Let's create a ticket to see if we can come up with something down the line:

https://github.com/opnsense/core/issues/2406



Cheers,
Franco
Logged

  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 18.7 Legacy Series »
  • Bind web interface & SSH to Loopback interface (lo0)?
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2023 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy
    | XHTML | RSS | WAP2