Restrict Access to the WebUI
Hello, I have a computer I use to manage the firebox. I only want to allow the computer to access the WebUI only when it's plugged in directly to the firebox; if the computer is on the wireless network, I don't want it to be able to connect to the WebUI at all. Is this possible?
0
Sign In to comment.
Comments
You can restrict the IP addr that accessed the Web UI in the From: field of the Web UI policy.
You would need a static IP addr for the wired connection for this to be useful
@Bruce_Briggs Thank you Bruce. Is the static IP something I must obtain from my ISP or is this something I can configure by myself?
If you are behind the firewall, it is something you can set up on your access device, such as a PC.
You can also set up a DHCP reservation for the MAC address of the deivce which will provide a known IP addr that you can use in your policy.
If you are out on the Internet - this is a totally different thing.
There would not be an obvious way to know the difference between a hard wired connection and a wireless connection when coming in from the Internet.
From where will you be connecting?
@Bruce_Briggs I will be connecting from behind the firewall by directly plugging my computer into eth1 of the firebox. Does WG provide documentation on how to set up a static IP for free?
If nothing else will be plugged into this firewall interface, then you can specify the Interface alias name in the From: field of the Web UI policy.
Has this firewall interface be enabled & assigned an IP address and subnet mask, and if so, does it have DHCP enabled?
If this is beyond you, and you ave a current license on your firewall, you can create a support incident and get help from a WG rep in setting this up.
FYI, anyone can manually set up a static IP addr on a PC or MAC.
Google it if you want to know how.