[Solved] Restrict login

General discussion of anything Unimus
Post Reply
Esather
Posts: 4
Joined: Wed Feb 22, 2023 7:15 pm

Wed Feb 22, 2023 7:17 pm

Is there a way to restrict login to a specific subnet?
User avatar
Tomas
Posts: 1195
Joined: Sat Jun 25, 2016 12:33 pm

Wed Feb 22, 2023 7:24 pm

Esather wrote:
Wed Feb 22, 2023 7:17 pm
Is there a way to restrict login to a specific subnet?
Hi, do you mean to Unimus itself? There are multiple options:
- completely disable access to the web GUI on a firewall "in front of" your Unimus server
- deploy iptables (or other firewall) on the server itself and only allow access from "known good" sources
- deploy NGINX as a reverse-proxy "in front of" Unimus and use "allow/deny" statements
- use Radius and allow login only from specific client IPs

In general, this restriction should be either on the connection level (firewalls, reverse proxy) or on the auth level (using external auth such as Radius or NPS).
Esather
Posts: 4
Joined: Wed Feb 22, 2023 7:15 pm

Wed Feb 22, 2023 7:49 pm

Thanks for the info. Yes, we're were hoping to restrict access to the webui or login specifically. I was thinking we'd have to do it with our firewall, but thought I'd check if there was something built in.
User avatar
Tomas
Posts: 1195
Joined: Sat Jun 25, 2016 12:33 pm

Wed Feb 22, 2023 8:02 pm

Esather wrote:
Wed Feb 22, 2023 7:49 pm
Thanks for the info. Yes, we're were hoping to restrict access to the webui or login specifically. I was thinking we'd have to do it with our firewall, but thought I'd check if there was something built in.
Happy to provide more info - but the best place for this kind of access control would indeed be on the firewall responsible for that server, or to deploy iptables and protect the server directly.
Post Reply