Public access is only possible through IP direct connection



  • I a a bit confused by the fact that it I connect to my firewall through its name : https://myfirewall.mylittlecompany.com …. the Certificate is now correctly installed but I can only connect to my firewall public interface through its IP address (to prevent DNS Rebind attack).
    Now I could create a certificate with alternative names but that seems to be not possible with CACert certificates.
    So, What is the point of creating a specific certificate if the firewall expects us to connect to the IP directly (I could "of course" buy a Certificate for that IP).

    Thanks for explaining me the point ?

    \T,



  • That makes it fail the DNS rebinding and/or HTTP REFERER checks, where the hostname you're using isn't the hostname configured on the system. Either change it under System>General Setup, or add an alternate hostname under System>Advanced.


Log in to reply