Good Afternoon,
I’m using a TransPort WR44v2 in IP passthrough mode, but have an http pinhole which allows me remote access to the device. The firewall rules are a bit confusing to me on these devices, what is the best way to :
a) disable http and only access via https
b) only allow access via https from my internet address
I appreciate the feedback!
Hello,
I recommend you to disable HTTP & Telnet access and filtering HTTPS / SSH access via the Firewall.
A Firewall example to filtering Administration Access:
#Allow any outbound traffic and the replies back in
pass out break end inspect-state
#Allow incoming SSH
pass in break end proto tcp from x.x.x.x to any port=22 flags S!A inspect-state
pass in break end proto tcp from x.x.x.x/xx to any port=22 flags S!A inspect-state
#Allow incoming HTTPS
pass in break end proto tcp from x.x.x.x/xx to any port=443 flags S!A inspect-state
pass in break end proto tcp from x.x.x.x to any port=443 flags S!A inspect-state
#Block and log everything else including incoming telnet, http and FTP
block log break end