Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - lsc9x

#1
Excellent!  Both of you appear to be correct, and thanks for the website links, Zeitkind! (Very useful tools, thanks!)

So yes, when I did the pentest, my server came back with next to nothing which is exactly what I wanted.

Just to be safe I VPNd to a remote server in a different country and looked back in and nothing was replying from my external IP.

Problems solved!  =)
#2
I searched for a bit looking for an answer on this and couldn't find one easily, so here's my question:

Right now, everything is working perfectly!  My opnsense machine is acting as a router/firewall and I have the WAN set to DHCP for it's addressing, and the LAN set to a static IP running DHCP and forwarding DNS.

But there is a problem:

If I go to my WAN IP in a web browser, it comes up with my admin page!  I absolutely DO NOT want to have a web logon available for hackers on the WAN interface and would like to disable the web logon, or ANY logon from the WAN interface.  I would like the external WAN interface to be locked down as much as humanly possible.  I don't need login access on the WAN interface, ever.

But I would like to retain web access on the LAN interface for administrative purposes, of course!

Is there an easy way to (properly) shut down logon and/or web access on the WAN interface?

Thanks!