internal login site block bypassed
Okey. So this is not an external security problem. But from the internal network. It is.
So I set up my Untangle box to block all access to untangle webpage/login except for one port on my box that one pc is on using filter rules. Also I only use https. This works great.
Now all the internal ports/wireless cards are bridged to my internal port that goes to the switch.
And most of this is blocked communication from each other except from those on the switch.(especially wireless)
This also works great.
Now here is the problem.
If I by any device wireless or not go to my external ip of my gateway. Just add https://external-IP
I get a cert warning that I just bypass. And now I'm on the untangle login page.
Can anyone replicate this? And if so How can I block this?
The reports says under local: remote on admin login if I login that is.