Restrict Access to the WebUI

Hello, I have a computer I use to manage the firebox. I only want to allow the computer to access the WebUI only when it's plugged in directly to the firebox; if the computer is on the wireless network, I don't want it to be able to connect to the WebUI at all. Is this possible?


  • Options

    You can restrict the IP addr that accessed the Web UI in the From: field of the Web UI policy.
    You would need a static IP addr for the wired connection for this to be useful

  • Options

    @Bruce_Briggs Thank you Bruce. Is the static IP something I must obtain from my ISP or is this something I can configure by myself?

  • Options

    If you are behind the firewall, it is something you can set up on your access device, such as a PC.
    You can also set up a DHCP reservation for the MAC address of the deivce which will provide a known IP addr that you can use in your policy.

    If you are out on the Internet - this is a totally different thing.
    There would not be an obvious way to know the difference between a hard wired connection and a wireless connection when coming in from the Internet.

    From where will you be connecting?

  • Options

    @Bruce_Briggs I will be connecting from behind the firewall by directly plugging my computer into eth1 of the firebox. Does WG provide documentation on how to set up a static IP for free?

  • Options

    If nothing else will be plugged into this firewall interface, then you can specify the Interface alias name in the From: field of the Web UI policy.

    Has this firewall interface be enabled & assigned an IP address and subnet mask, and if so, does it have DHCP enabled?

    If this is beyond you, and you ave a current license on your firewall, you can create a support incident and get help from a WG rep in setting this up.

    FYI, anyone can manually set up a static IP addr on a PC or MAC.
    Google it if you want to know how.

Sign In to comment.