Published 9 months ago
guilloking
Updated 9 months ago
0
Hi, my question is that I'm trying to leave port 9443 only for VPN access so that it doesn't allow access to the Safeline login, since it's exposed.
I'm trying to set the rule through iptables in docker-user, but upon restart, it's lost and frees up access again.
Could you tell me how I can restrict access and make it persistent?
The rule I'm using is this:
Chain DOCKER-USER (1 reference)
target prot opt source destination
ACCEPT tcp -- 192.168.1.10 anywhere tcp dpt:9443
REJECT tcp -- anywhere anywhere tcp dpt:9443 reject-with icmp-port-unreachable
RETURN all -- anywhere anywhere
Carrie
Updated 9 months ago
"ACCEPT tcp -- 192.168.1.10 anywhere tcp dpt:9443
REJECT tcp -- anywhere anywhere tcp dpt:9443"
You should replace 9443 with 1443 to make it work.
We'd recommend setting up a security group rule.
As for how to make it persistent, there is a tool called iptables-persistent; you can take a look at it if needed.
Naldela Teleyal
Updated 9 months ago
0
I think the easiest way to do this is binding the port to the local VPN IP the server has.
For example, as I do it:
ports:
  - 192.168.8.3:9443:1443
192.168.8.3 is the IP of my server in the VPN
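An added example, not code from any poster in this thread or from SafeLine: a script that renders the question's DOCKER-USER rules (with port 1443, as Carrie's reply says) as an iptables-restore fragment and applies it without touching Docker's own chains. The function names and the `apply` argument are this example's own, and how the script is launched at boot is left to the host.

```shell
#!/bin/sh
# Added example: builds a DOCKER-USER fragment for iptables-restore.
# Default source (192.168.1.10) and port (1443) are the values from the thread.

# Accept only a dotted-quad IPv4 address with an optional /0-32 prefix.
valid_source() {
    addr=${1%%/*}
    case $1 in
        */*) p=${1#*/}
             case $p in ''|*[!0-9]*) return 1 ;; esac
             [ "$p" -le 32 ] || return 1 ;;
    esac
    case $addr in ''|*[!0-9.]*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $addr
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in ''|*[!0-9]*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
}

valid_port() {
    case $1 in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Print the fragment: allow one source to the port, reject everyone else.
render_rules() {
    src=$1 port=$2
    valid_source "$src" || { echo "bad source: $src" >&2; return 1; }
    valid_port "$port" || { echo "bad port: $port" >&2; return 1; }
    cat <<EOF
*filter
:DOCKER-USER - [0:0]
-A DOCKER-USER -s $src -p tcp -m tcp --dport $port -j ACCEPT
-A DOCKER-USER -p tcp -m tcp --dport $port -j REJECT --reject-with icmp-port-unreachable
-A DOCKER-USER -j RETURN
COMMIT
EOF
}

# "apply" (as root): --noflush keeps Docker's own chains and rewrites only
# DOCKER-USER, so the script can be re-run after every boot or Docker restart.
if [ "${1:-}" = apply ]; then
    rules=$(render_rules "${2:-192.168.1.10}" "${3:-1443}") || exit 1
    printf '%s\n' "$rules" | iptables-restore --noflush
fi
```

With `--noflush`, iptables-restore flushes and refills only the user chain declared in the fragment, so running the script again does not duplicate rules.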