OPNsense Forum

Archive => 17.1 Legacy Series => Topic started by: rabievdm on April 25, 2017, 01:07:40 pm

Title: [SOLVED] Bind WUI to a specific interface
Post by: rabievdm on April 25, 2017, 01:07:40 pm
Hi,

I'm on the 17.1 series and was wondering if there is a way to bind the WebUI to a specific interface eg Internal and not have it bind to any other interfaces?
I'm trying to run an OVPN instance on the external interface on TCP443, whilst this appears to work the WebUI stops working when the firewall is booted as OVPN is already bound to the external interface by the time the WebUI starts.

Regards
Rabie
Title: Re: Bind WUI to a specific interface
Post by: franco on April 25, 2017, 02:12:46 pm
Hi Rabie,

You can easily port-forward 443 from WAN to your OpenVPN port, or move the GUI away from port 443 if that works better for you.


Cheers,
Franco
Title: Re: Bind WUI to a specific interface
Post by: rabievdm on April 25, 2017, 05:42:45 pm
Hi,

/facepalm should have thought of that :)

Would still be nice to limit which interfaces the WUI is availible on, extra bit of security.
Maybe ver 17.7 ;)

Thanks for the assist, much appreciated.

R

Title: Re: Bind WUI to a specific interface
Post by: franco on April 25, 2017, 06:48:15 pm
Hi Rabie,

There is a feature request for this, but mind you in over 10 years of joint history nobody went ahead and did this. It's easy to get this wrong and end up locking yourself out. :/

https://github.com/opnsense/core/issues/1347

We've done cleanups for SSH in 17.1.5 that moves it over to our plugin framework. I want to do the same for the web GUI service (lighttpd specifically) to eventually make room for different HTTP servers. And maybe, just maybe, there is room for adding a big warning sign and optional per-interface selection.

I'll keep this in mind. :)


Cheers,
Franco