Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
Restrict access to Nginx
« previous
next »
Print
Pages: [
1
]
Author
Topic: Restrict access to Nginx (Read 1114 times)
ChrisL
Newbie
Posts: 1
Karma: 0
Restrict access to Nginx
«
on:
July 25, 2021, 10:36:45 pm »
Hi guys,
I feel a bit lost, I hope you can help me out.
I have been using OPNSense for a while now and I'm slowly getting used to it. My latest plugin is Nginx which is supposed to replace my Nginx instance running in a container on my Pi, I want the Pi only to host my actual services. But I don't really get how this fits into my setup.
I'm using the Wireguard plugin, it's on 192.168.200.0/24.
I have four VLAN interfaces.
DMZ 10 - 192.168.10.0/24
Trusted 20 - 192.168.20.0/24
Untrusted 30 - 192.168.30.0/24
Guest 100 - 192.168.100.0/24
I have currently two Upstream servers configured in Nginx. The configuration seems to be working since I can access both from the Trusted network with an Trusted to Any rule in the firewall.
Code:
[Select]
Bitwarden
192.168.10.50
8085
Pihole
192.168.10.50
8001
I want to enable access to both Pihole and Bitwarden on port 443 from the Trusted VLAN and through the Wireguard VPN but not from the other VLAN. From what I understand Nginx listens to all interfaces on port 433. Here is my confusing - How do I limit access to it, or rather how do I enable access to it?
I want to access Pihole and Bitwarden using a subdomain - ph.example.com and bw.example.com. To what IP should these point to? I currently have it point to 192.168.10.1 (DMZ) since it's the default gateway where the services resides.
What firewall rules do I need? It's working from the Trusted network but it's due to having an any rules which I don't want to have from the Wireguard VPN.
Logged
fabian
Hero Member
Posts: 2769
Karma: 200
OPNsense Contributor (Language, VPN, Proxy, etc.)
Re: Restrict access to Nginx
«
Reply #1 on:
July 26, 2021, 06:38:36 pm »
There are some IP based access lists as far as I can remember.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
Restrict access to Nginx