Beta4: Remote Router Access/Managment
-
How to access router from wan/internet ?
Tnx.
-
FAQ. Add a firewall rule allowing it.
-
http://faq.pfsense.com/index.php?action=artikel&cat=10&id=41&artlang=en&highlight=access%20webgui%20wan
(https is optional but highly recommended due to security reasons)
-
http://faq.pfsense.com/index.php?action=artikel&cat=10&id=41&artlang=en&highlight=access%20webgui%20wan
(https is optional but highly recommended due to security reasons)This gives a solution…. but if you live with Dynamic '24H' 'random' WAN IP's (both sides) -> this start to be complicated.
The firewall rules do not accept url's like FromMyHom.dyndns.org neither.A solution: activate PPTP (pfSense will be the server). And a 'let me in rule' on the PPTP-Firewall tab (this tab will be present).
Afterwards, from a simple remote XP client you can login, and have SSH and web access to the firewall for maintenance.
-
Where is the problem? Use DynDNS and create a rule with destination "WAN Adress" and the port the gui listens on. No problem at all.
-
Hoba,
What make SSL for WebGUI more secure ?
I notice that in menu –> Advanced --> webGUI SSL
It has both SSL and private key.
But pfsense never use that private key.I test this function and it seams that right now, pfsense establish a secure (encrypted) tunnel for WebGUI communication, but it doesn't require the user that have the same private key as the pfsense for establishing the connection.
Am I right or I have missed something and there is a way for usiing that private key.
-
Everything between the pfSense and the client accessing the webgui is transferred encrypted when using https. When using http people could sniff your passwords, view the webguipages you request, … (if they can sniff somewhere along the way the data takes through the internet or if a proxy is involved).
-
Hoba,
What make SSL for WebGUI more secure ?
I notice that in menu –> Advanced --> webGUI SSL
It has both SSL and private key.
But pfsense never use that private key.I test this function and it seams that right now, pfsense establish a secure (encrypted) tunnel for WebGUI communication, but it doesn't require the user that have the same private key as the pfsense for establishing the connection.
Am I right or I have missed something and there is a way for usiing that private key.
Yeah, you kinda missed something :) The private key is so you can load an X.509 cert into the gui that you signed with a trusted CA to you as opposed to the pfSense default signed cert. The webGUI doesn't require a client cert, nor does it use client cert for auth - maybe some day if someone is interested in making it work.
–Bill
