Allowing http
-
Ok, I want to allow my friends on network to acces only one page (http), I have added acces to only that IP port 80, is that enough? They reported that it doesn't work, any thing else I should open? Yes I did enter proper gateway and dns, and if I give them full acces they can go to Internet, but I'd like to give them only one page. Thanks!
ps. right now I have three pfsense machines :D great work!
-
that will allow access to the webserver on that ip address. so all pages on that server will be accessible.
post your rules.
-
Please paste the complete rule and settings for this rule.
-
TCP LAN net * pojatno * *
- Zvonimir * * * *
- Server * * * *
- Buzanic * * * *
- Serveri * * * *
Ofocurse alias for pojatno is correct ip to webserver.
I don't care if they can acess whole server, it has anyway only few websites.
Other definitions are for allowing certain users total access to internet. -
Looks correct to me though you could set port 80 as destination for the first rule as you only want to allow http. Did you make sure you allowed all IPs of the destination site? Do a nslookup to see if it resolves to several IPs. Also make sure the clients can still resolve the allowed url and you are not blocking dns.
-
also let us know what you mean by "They reported that it doesn't work"
What happens that shouldn't, what doesnt happen that should?
-
They say that page is unavailbale, I'll try it myself tonight, I think they did something wrong since I tested it with my laptop and it was fine.
I did also tried with port 80 only, but it's not a problem if I let them whole range of ports since that page is webserver only. Doh :)
Just wondered if I did something wrong, thnx for fast report! -
they need you to open port 56 to make from www.test.com a ipadress
if port 56 is not open they can not access the dnsserver and thus can not access the webserver you give free -
if port 56 is not open they can not access the dnsserver
DNS is port 53/UDP (TCP for zone transfers)