This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!

FireBrick OTP: Difference between revisions

== Using FireBrick login to access your LAN ==
It is possible to log in to a FireBrick, which in turn allows a firewall filter to be enabled on that user's source IP address. You can therefore set the FireBrick up so that you are allowed to access the LAN side once you have successfully logged in to the FireBrick.
 
We need to make a user, an ip-group, and a rule in your normal firewall filters <rule-set ...>
 
These are the config lines that will make this work:
<syntaxhighlight lang="xml">
<user name="John" otp="Johns keyring" password="secret" level="guest" comment="A remote user for accessing the LAN"/>
<ip-group name="RemoteUsers" users="John" comment="List of users that will be allowed to access the LAN"/>
 
<rule name="Remote User Access" source-ip="RemoteUsers" source-interface="pppoe" target-interface="self LAN" log="true"/>
</syntaxhighlight>
If your FireBrick is not doing the PPP, then set the source-interface to your WAN interface.
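The following is an added example, not part of the original page or FireBrick's own tooling: a small offline check that every user who can reach a login-gated rule has an otp set and that the rule logs. It assumes an exported fragment without XML namespaces, that users and source-ip are space-separated lists, and uses a made-up <fragment> root and a hypothetical second user "Jane".

```python
import xml.etree.ElementTree as ET

# Constructed sample: the page's three lines plus a hypothetical user "Jane"
# with no otp attribute, wrapped in a made-up <fragment> root so it parses.
SAMPLE = """<fragment>
<user name="John" otp="Johns keyring" password="secret" level="guest"/>
<user name="Jane" password="secret" level="guest"/>
<ip-group name="RemoteUsers" users="John Jane"/>
<rule name="Remote User Access" source-ip="RemoteUsers" source-interface="pppoe" target-interface="self LAN" log="true"/>
</fragment>"""


def audit(xml_text):
    """Return a list of findings for login-gated rules in a config fragment."""
    root = ET.fromstring(xml_text)
    users = {u.get("name"): u for u in root.iter("user")}
    # Only ip-groups carrying a users= attribute are login-based groups.
    # Assumption: users= is a space-separated list of user names.
    groups = {g.get("name"): g.get("users").split()
              for g in root.iter("ip-group") if g.get("users")}
    findings = []
    for rule in root.iter("rule"):
        # Assumption: source-ip is a space-separated list of names.
        for ref in (rule.get("source-ip") or "").split():
            if ref not in groups:
                continue  # not a login-based group, nothing to check here
            rname = rule.get("name")
            if rule.get("log") != "true":
                findings.append(f"rule '{rname}': log is not true")
            for member in groups[ref]:
                user = users.get(member)
                if user is None:
                    findings.append(f"group '{ref}': unknown user '{member}'")
                elif not user.get("otp"):
                    findings.append(f"user '{member}': no otp, reaches rule '{rname}'")
    return findings


if __name__ == "__main__":
    for line in audit(SAMPLE):
        print(line)
```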