Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Unauthenticated web server

    Scheduled Pinned Locked Moved General pfSense Questions
    1 Posts 1 Posters 618 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      pleriche
      last edited by

      Forgive me if this is a dumb question - I'm still on the foothills of the pfSense learning curve.

      For a couple of years we've been using a Shorewall-based firewall to protect a school network from the possible antics of kids on a network of 5 Raspberry Pis (with root access). The Pis are run headless, accessing them through the firewall with VNC or PuTTy from PCs on the school network. The 5 school Pis have reserved IP addresses NATted onto school network IP addresses which are used by VNC and PuTTy, but kids can bring in their own Pis which are given DHCP addresses, also NATted onto the school's subnet.

      Since you can't tell what IP address has been leased to a guest Pi, I wrote a CGI script to report DHCP leases, making them available through an unauthenticated web interface on the school network interface.

      Shorewall and the Linux underneath it need updating and enhancing with a 3rd NIC for another project so I'm considering replacing it with pfSense, as perhaps more capable and user-friendly. But it's not clear to me whether I could implement the CGI script as an unauthenticated web page on the school network interface. (And I'm assuming I can either make the pfSense admin web interface available on the WAN interface, or call the Pi network the WAN and do NAT on WAN IP addreses.) Any thoughts please?

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.