Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
18.1 Legacy Series
»
Prevent external access of webgui
« previous
next »
Print
Pages: [
1
]
Author
Topic: Prevent external access of webgui (Read 5612 times)
unixpgmr
Newbie
Posts: 14
Karma: 1
Prevent external access of webgui
«
on:
April 01, 2018, 06:48:22 pm »
Currently, my webGUI can be accessed by the internet. I want to prevent this from happening. I have a VPN set up so if I want to access externally, I can. However, by default, it seems that anybody with a browser can get access. I would like to completely cut that off. Is there a way to do this?
Thank you in advance for your time.
Logged
fabian
Hero Member
Posts: 2769
Karma: 200
OPNsense Contributor (Language, VPN, Proxy, etc.)
Re: Prevent external access of webgui
«
Reply #1 on:
April 01, 2018, 07:53:03 pm »
If the web interface is available from the internet, you made it available from there. Undo everything you did to allow access from the internet and you are done.
Logged
unixpgmr
Newbie
Posts: 14
Karma: 1
Re: Prevent external access of webgui
«
Reply #2 on:
April 01, 2018, 08:22:21 pm »
Thanks. I had to add the rule to allow wan access when I installed OPNSense. I just allowed everything to get it running. I modified this and all works.
Thanks again
Logged
Oxygen61
Sr. Member
Posts: 350
Karma: 32
Der Weg zum Erfolg hat keine Abkürzung - (Tanaka)
Re: Prevent external access of webgui
«
Reply #3 on:
April 01, 2018, 10:23:58 pm »
Hey unixpgmr,
it's super important that you get your firewall-rules right and documented so that this mistake won't happen again.
Additionally there is one new sexy feature, which got added recently. You can actually configure the listen Interface for the Web-GUI access or SSH, see here:
>> System: Settings: Administration
Underneath
"Web GUI"
go to
"Listen Interfaces"
and select the interfaces, which you want to access the Web-GUI from. As the
"information"
already tells you
"only use with care"
.
Same for SSH underneath
"Secure Shell"
.
Have fun!
Oxy
Logged
labsy
Jr. Member
Posts: 59
Karma: 1
Re: Prevent external access of webgui
«
Reply #4 on:
April 02, 2018, 03:23:38 pm »
I like to keep WAN access to my router opened, but:
- to modified HTTPS public port, for example to 23782
- only from my home and work public IP addresses
Logged
fabian
Hero Member
Posts: 2769
Karma: 200
OPNsense Contributor (Language, VPN, Proxy, etc.)
Re: Prevent external access of webgui
«
Reply #5 on:
April 02, 2018, 04:25:49 pm »
You should use OpenVPN for GUI access from WAN. It is more flexible and very likely more secure.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
18.1 Legacy Series
»
Prevent external access of webgui