Disbable webConfigurator on one interface
-
Is is possible to disable access to the webConfigurator on any given interface? For example, I've just configured a DMZ subnet on a new ethernet adapter, blocked access to the LAN subnet from the DMZ, and enabled access to the WAN from the DMZ. Everything works as expected, but I've discovered that clients in the DMZ can point their web browser at the default gateway for the interface and get to the webConfigurator …I would prefer not to have that happen. I just want to allow webConfigurator access from the LAN subnet. I didn't see a means to accomplish this via the gui ...perhaps I've missed it. Thx...
-
Try a firewall rule on the DMZ interface blocking (with logging) anything from DMZ subnet to DMZ address port 80 (http). Add a rule on the DMZ interface blocking (with logging) anything from DMZ subnet to DMZ address port 443 (https). Reset firewall states (Diagnostics -> States, click on Reset States tab, click on Reset button). Test, check the access attempts are logged in the firewall log (Diagnostics -> System Logs, click on Firewall tab) and then (if desired) go back and edit these rules to disable logging.
Adjust rules appropriately if you have chosen to configure a custom port number for access to web configurator.