Accessing the WebGUI via WAN (Yes, I read the FAQ) [RESOLVED]



  • I read the wiki FAQ and followed it; however, I still can’t access the WebGUI remotely.  I’ve enabled https and changed the port to 10001.  I’m able to access the gui from lan no problem with https://mybox.com:10001 with no problem.  I added a rule on the WAN with the following:

    
    Action: PASS
    Disabled: NO
    Interface: WAN
    Protocol: TCP
    Source:
       Type: NETWORK
       Adress: 205.215.0.0/16
    Source Port Range:
       From: Other - 10001
       To: Other - 10001
    Source OS: ANY
    Destination:
       Type: WAN ADDRESS
    Destination Port Range:
       From: Other - 10001
       To: Other - 10001
    Log: NO
    Advanced Options: None
    State Type: Keep State
    No XMLRPC Sync: No
    Gateway: Default
    
    

    Is there something else I need to do?  I have no problem with any other rules I have created.
    Thanks



  • drop the source ports  in the rule
    a connection to www.msn.com on port 80 ca have 1 till 65000 as source port
    its a random chosen port by the system



  • just to be exact…. source port are between 1025 an 65535 (boundaries included)

    lowports : 1-1024
    highports : 1025-65535

    When writing rules you should always specify that connection can be established from X to Y from highports to serverport (eg. 80 for HTTP servers).



  • As the GUI states, source ports are not needed in 99% of the cases and this is one of them.



  • Thank you.  Specifying the source port was the problem.  I did notice that the gui said a source port isn’t needed most of the time.  I just thought that in this case, since it was for the admin panel, it would be a good idea to limit the rule as much as possible.  I guess not.

    Thanks again.

    BTW, thank you to all of the devs for this wonderful product.  I dropped my custom Gentoo install using Shorewall that had worked for me as a firewall/router over the past 3 years.  I didn’t have any problems, but I thought I would try something different.  I’m glad I did.



  • @alberts:

    Thank you.  Specifying the source port was the problem.  I did notice that the gui said a source port isn’t needed most of the time.  I just thought that in this case, since it was for the admin panel, it would be a good idea to limit the rule as much as possible.  I guess not.

    Thanks again.

    BTW, thank you to all of the devs for this wonderful product.  I dropped my custom Gentoo install using Shorewall that had worked for me as a firewall/router over the past 3 years.  I didn’t have any problems, but I thought I would try something different.  I’m glad I did.

    That is great to hear!

    Welcome!!


Locked
 

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy