https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=29181 _________________ "The woods are lovely, dark and deep,
But I have promises to keep,
And miles to go before I sleep,
And miles to go before I sleep." - Robert Frost
"I am one of the noticeable ones - notice me" - Dale Frances McKenzie Bozzio
it is complicated to explain why..but its not working as it should...with those options above...i tried those before...and im not going to remove restriction rules i have, just to be able to access it...also im accessing it via VPN too..i usually don't need the GUI, only few things are useful there, but much faster and worry free, is to "dial" whatever i need from CLI and commit it to the nvram ...
my GUI necessity is only for resent GUI testing ... but never mind... _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Using a direct ssh tunnel with no VPN involved to the remote site is secure enough for remote webUI access if absolutely required. Using site-to-site VPN and setting up an ssh tunnel to remote into the webUI is only as complicated as you make it. _________________ "The woods are lovely, dark and deep,
But I have promises to keep,
And miles to go before I sleep,
And miles to go before I sleep." - Robert Frost
"I am one of the noticeable ones - notice me" - Dale Frances McKenzie Bozzio
Joined: 16 Nov 2015 Posts: 6437 Location: UK, London, just across the river..
Posted: Tue Jun 14, 2022 6:35 Post subject:
dale_gribble39 wrote:
Using a direct ssh tunnel with no VPN involved to the remote site is secure enough for remote webUI access if absolutely required. Using site-to-site VPN and setting up an ssh tunnel to remote into the webUI is only as complicated as you make it.
lovely, thanks for letting me know SSh is secure enough...
thanks for letting me know about the VPN too
thanks for letting me know that accessing SSh with tunnel inside, where router has a GUI restrictions as well it is accessed from VPN from the other side, wont work...
just, for a laugh "may be it wont let me access the GUI, as its broken"
p.s. case closed lock the thread please... _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Sounds to me like a complicated paranoia setup or you just don't know how to make it work. No skin off my nose. _________________ "The woods are lovely, dark and deep,
But I have promises to keep,
And miles to go before I sleep,
And miles to go before I sleep." - Robert Frost
"I am one of the noticeable ones - notice me" - Dale Frances McKenzie Bozzio
Joined: 16 Nov 2015 Posts: 6437 Location: UK, London, just across the river..
Posted: Tue Jun 14, 2022 15:45 Post subject:
dale_gribble39 wrote:
Sounds to me like a complicated paranoia setup or you just don't know how to make it work. No skin off my nose.
yep its paranoia set up...R7800 is in student accommodation, used by 100 red's of students...daily, some of them clever bastards with malicious ideas...apart of that, ISP internet is crackling with buggers that hit the firewall rules on daily basis, as all the clients are in the same pool...witch is made of 2 joined networks...yep, i clearly don't know how to make it work...please tell me how would i do it, when i have a mac&IP based restrictions regarding GUI, and SSh goes via IP (layer 3) via VPN, so shall i made a firewall rule to permit the exit IP from the VPN provider, to be able to see the GUI trough WAN SSh nope i rather not do that...call it paranoia
p.s. mods plz lock the tread...!! _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913