Can't access web-interface (squert) from outside, only as localhost.

[Marcis]

So the problem is that only way for me to access web-interface for example squert is opening chromium-browser and doing "localhost/squert" from the "inside" of the network. I can access my machine from "outside" of the network using ssh perfectly and the system works perfectly. But it would be nice to access squert from my machine which is "outside" of the network. What could be the issue and what should I check if there is anything?
This is my setup: https://imgur.com/a/o1xvv
Thanks for help!

[Wes Lambert]

Marcis,

Try running so-allow on the Security Onion machine and choosing the "a" option for analyst for the IP address from which you are trying to access Squert.  This should allow access for port 443.

Thanks,

Wes

--
Follow Security Onion on Twitter!
https://twitter.com/securityonion
---
You received this message because you are subscribed to the Google Groups "security-onion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to security-onion+unsubscribe@googlegroups.com.
To post to this group, send email to security-onion@googlegroups.com.
Visit this group at https://groups.google.com/group/security-onion.
For more options, visit https://groups.google.com/d/optout.

--

https://twitter.com/therealwlambert

https://securityonion.net/

[Marcis]

pirmdiena, 2018. gada 16. aprīlis 13:55:08 UTC+3, Wes rakstīja:
> Marcis,
>
>
> Try running so-allow on the Security Onion machine and choosing the "a" option for analyst for the IP address from which you are trying to access Squert.  This should allow access for port 443.
>
>
> Thanks,
> Wes
>
>
> On Mon, Apr 16, 2018 at 5:35 AM, 'Marcis' via security-onion <securit...@googlegroups.com> wrote:
> So the problem is that only way for me to access web-interface for example squert is opening chromium-browser and doing "localhost/squert" from the "inside" of the network. I can access my machine from "outside" of the network using ssh perfectly and the system works perfectly. But it would be nice to access squert from my machine which is "outside" of the network. What could be the issue and what should I check if there is anything?
>
> This is my setup: https://imgur.com/a/o1xvv
>
> Thanks for help!
>
>
>
> --
>
> Follow Security Onion on Twitter!
>
> https://twitter.com/securityonion
>
> ---
>
> You received this message because you are subscribed to the Google Groups "security-onion" group.
>

> To unsubscribe from this group and stop receiving emails from it, send an email to security-onio...@googlegroups.com.
>
> To post to this group, send email to securit...@googlegroups.com.

>
> Visit this group at https://groups.google.com/group/security-onion.
>
> For more options, visit https://groups.google.com/d/optout.
>
>
>
>
>
> --
>
>
> https://twitter.com/therealwlambert
>
> https://securityonion.net/

Thanks for help, it worked !!!
One more question: Is there way to make it public for all ip-adreses because this system might be problematic if I want to check on multiple computers.

[Wes Lambert]

Currently, so-allow does not allow for this, although you could do this with just ufw instead:

Ex.

sudo ufw allow proto tcp from any to any port 443

or 

sudo ufw allow proto tcp from 192.168.1.0/24 to any port 443

Keep in mind, ideally, you would want to lock this down to only the computers that you really want to access it from, either running so-allow or ufw commands for a single host at a time.

Thanks,

Wes

To unsubscribe from this group and stop receiving emails from it, send an email to security-onion+unsubscribe@googlegroups.com.
To post to this group, send email to security-onion@googlegroups.com.

Visit this group at https://groups.google.com/group/security-onion.
For more options, visit https://groups.google.com/d/optout.