internal login site block bypassed

Okey. So this is not an external security problem. But from the internal network. It is.
So I set up my Untangle box to block all access to untangle webpage/login except for one port on my box that one pc is on using filter rules. Also I only use https. This works great.
Now all the internal ports/wireless cards are bridged to my internal port that goes to the switch.
And most of this is blocked communication from each other except from those on the switch.(especially wireless)
This also works great.


Now here is the problem.
If I by any device wireless or not go to my external ip of my gateway. Just add https://external-IP
I get a cert warning that I just bypass. And now I'm on the untangle login page.
Can anyone replicate this? And if so How can I block this?
The reports says under local: remote on admin login if I login that is.

You can control this with input filter rules.
http://wiki.untangle.com/index.php/F...t_Filter_Rules

However, as noted it is not recommended. It is instead recommended to set a good password and not share it.

I figured it was at the input rules. But I could not make any rules to fix it until I saw the "allow https on non-wan" rule. Disabled it. All good :)
thx for your time :)