Jump to content
  • 0

ACL для web-морды в интернете


Andrey Shmel

Question

3 answers to this question

Recommended Posts

  • 0

access-list FAV_ACL
    permit tcp 192.168.34.0 255.255.255.0 0.0.0.0 0.0.0.0 port eq 80    

interface GigabitEthernet1
   ip access-group FAV_ACL in   

ip http security-level public 


При попытке зайти через https "из вне"постоянно 403. Как это побороть подскажите?

Link to comment
Share on other sites

  • 0
2 часа назад, Алексей Дороненко сказал:

access-list FAV_ACL
    permit tcp 192.168.34.0 255.255.255.0 0.0.0.0 0.0.0.0 port eq 80    

interface GigabitEthernet1
   ip access-group FAV_ACL in   

ip http security-level public 


При попытке зайти через https "из вне"постоянно 403. Как это побороть подскажите?

Версия прошивки какая? Вдруг поможет, клик

Edited by AndreBA
Link to comment
Share on other sites

  • 0
18 hours ago, AndreBA said:

Версия прошивки какая? Вдруг поможет, клик

Только выбираю https - сразу 403 ошибка. Из доверенной зоны - нормально. Бридж, который описывает внешнюю зону:
 

interface Bridge34
    rename Bridge34
    role inet
    inherit ISP
    include StupidSW
    mac address factory wan
    mac access-list type none
    security-level public
    ip address 192.168.37.9 255.255.255.0
    ip dhcp client hostname Keenetic_Ultra2
    ip dhcp client dns-routes
    ip dhcp client name-servers
    ip mtu 1500
    ip access-group FAV_ACL in
    ip global 43688

Последняя стабильная:

release: 3.01.C.0.0-0
sandbox: stable     
title: 3.1      
arch: mips  

ndm:      
	exact: 	0-b285276    
	cdate: 	28 Aug 2019 
bsp:                   
	exact: 	0-6c35696 
	cdate: 	28 Aug 2019  
ndw:                  
version: 	3.1.20 
features: 	wifi_button,wifi5ghz,usb_3,led_control,dual_image,wifi_ft,wpa3 
components: 	base,cloudcontrol,config-ap,config-client,config-repeater,corewireless,ddns,dhcpd, 
		dlna,dot1x,easyconfig,fat,ftp,hfsplus,l2tp,miniupnpd,ntfs,pingcheck,ppe,pppoe,pptp,storage, 
		trafficcontrol,tsmb,usb,usbdsl,usblte,usbmodem,usbnet,usbserial 

manufacturer: ZyXEL 
vendor: ZyXEL     
series: Keenetic series 
model: Keenetic         
hw_version: 85280000-D 
hw_id: ku_rd 
device: Keenetic Ultra II                                                                                             
class: Internet Center
region: RU
description: ZyXEL Keenetic

 

Edited by Алексей Дороненко
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...