• 20 Posts
  • 26 Comments
Joined 2 years ago
cake
Cake day: June 7th, 2023

help-circle











  • root@lemmy.worldOPtohomelab@lemmy.mlTravel Routers
    link
    fedilink
    arrow-up
    1
    ·
    10 months ago

    Gotcha. I’m using a ATX 1800 with full tunnel. I figured there would be a default deny all (haven’t touched anything in the way of the firewall on that device yet), but wasn’t sure if ARP would be able to get past it from the public AP side. I guess I can always do a few experiments at home in the lab too. Thanks again!

















  • Gotcha, thanks so much (to you and the others who mentioned this as well). This has been driving me crazy the last couple hours, as I can connect to any of my VLANs (some which I treat as fairly insecure) and they can all hit my firewall if I use the WAN IP.

    I checked Pfsense, and I have NAT Reflection disabled everywhere I found it (System>>Advanced>>Firewall & NAT as well as in my individual NAT rules), however I can still access via the WAN IP.

    So I guess all I can really do is set a rule to forward to port 80/443 to something else to avoid this, right? I was thinking of hosting a Matrix chat server which would use those ports, so maybe that’s the play.