EFW Support

Support => Installation Support => Topic started by: yatesco on Friday 02 April 2010, 01:56:04 am



Title: Newbie question - how do I allow access to the HTTPS gui from the WAN?
Post by: yatesco on Friday 02 April 2010, 01:56:04 am
Hi all,

I have installed Endian as a VM on a remote (dedicated server) machine in XenServer 5.5.  Things are running very well - nice product (although I wish I could assign a host in the same screen as when I create a fixed lease! :)).

Anyway, how do I enable access to HTTPs (over port 10443 if needs be) from the WAN?  At the moment I can connect perfectly fine form inside the LAN (i.e. from a 192.168.0.. address) but accessing it from home via the public IP just times out?

I have tried to add a firewall rule but it didn't seem to help....

Sorry for the newbie question :)

Thanks,

Col


Title: Re: Newbie question - how do I allow access to the HTTPS gui from the WAN?
Post by: dammit on Friday 02 April 2010, 05:19:47 am
Firewall -> System Acess -> new rule:
Source address: blank     
Source interface: RED     
Protocol/Port: TCP/10443
ALLOW


Title: Re: Newbie question - how do I allow access to the HTTPS gui from the WAN?
Post by: yatesco on Friday 02 April 2010, 07:22:02 am
Thanks for the info.

I tried that, but still no luck :(  My RED IP (main uplink) is 109.x.x.53 and I am going to https ://109.x.x.53:10443 in my browser from home but it just times out.

Any other ideas?


Title: Re: Newbie question - how do I allow access to the HTTPS gui from the WAN?
Post by: quickben on Friday 02 April 2010, 04:26:35 pm
Unless you have a static IP, give yourself a DDNS address and it should work a treat. Here in South Africa, the IP addresses change continually unless you use DDNS to make it a static address you cannot connect to the IP.

As its a VM, you might need to add a static route to the VM from your Citrix console as well.


Title: Re: Newbie question - how do I allow access to the HTTPS gui from the WAN?
Post by: yatesco on Friday 02 April 2010, 06:21:31 pm
Hi, thanks for the info.  Still no luck. 

The IP is a public IP - there are other public IPs mapped as 'additional addresses' which are port forwarded to internal machines and these work.

I have missed something though - I can access the GUI on its GREEN IP (i.e. 192.168.0.15) from the internal LAN fine, but accessing its public address (109....) even from the LAN.