Not sure what to call this, I need to block people seeing the opnsense login.

TheDarrenS · March 10, 2020, 01:32:19 PM

Hi folks, Just start Opnsense, Well anything like this to be honest. I was one of those lazy people that just used the router stuff.
Well, no more.
But. How does one stop someone seeing the Opnsense WebGUI from the WAN? I had no idea what to search for or I would have done that first.

So basically here is what I have at the moment.
4 ip block here in the UK

The first IP address of the IP block is unusable because it is the network address
The last IP address of the IP block is also unusable because it is the broadcast address
The second IP address is assigned to the router
The other IP addresses can be used as required.

D...

chemlud · March 10, 2020, 02:47:27 PM

If "net" means your LAN: You can allow access only for specific hosts (would need to disable lock-out rule). Or even better: Have a service interface with exclusive access to the opnsense and disable access from normal LAN completely.

TheDarrenS · March 10, 2020, 02:51:48 PM

Quote from: chemlud on March 10, 2020, 02:47:27 PM
If "net" means your LAN: You can allow access only for specific hosts (would need to disable lock-out rule). Or even better: Have a service interface with exclusive access to the opnsense and disable access from normal LAN completely.

Sorry I meant WAN.

chemlud · March 10, 2020, 03:26:23 PM

WAN should be disabled by default iirc. Otherwise:

System -> Settings -> Administration -> Listen Interfaces

Not sure what to call this, I need to block people seeing the opnsense login.

TheDarrenS

March 10, 2020, 01:32:19 PM Last Edit: March 10, 2020, 02:59:58 PM by TheDarrenS

chemlud

March 10, 2020, 02:47:27 PM #1

TheDarrenS

March 10, 2020, 02:51:48 PM #2

chemlud

March 10, 2020, 03:26:23 PM #3