Author Topic: How to access CWP panels through VPN only (Read 9794 times)

« **on:** February 09, 2018, 08:52:37 PM »

Looking for a way to limit access to root (and perhaps end user) panel(s) through VPN only? The VPN server is up and running but how to route/bind the CWPanels to the VPN and remove access for any other entry point?

bullten · « **Reply #1 on:** February 09, 2018, 09:14:05 PM »

nano /usr/local/cwpsrv/conf/cwpsrv.conf

Locate
location / {

add
allow yourip;
deny all;

restart cwp.
service cwpsrv restart

« **Reply #2 on:** February 09, 2018, 09:24:53 PM »

probably silly question "yourip" = server.ip? Because the VPN dial-in address will be dynamic.

The panel port would then be server.ip:vpnport? And it would be the same port for the root user and the end user?

tcp ports 2030,2031,2082,2083,2086,2087,2095,2096 can then be safely removed from the CSF without impeding the usability of CWP?

bullten · « **Reply #3 on:** February 09, 2018, 09:28:42 PM »

Your ip means your client ip. You cnat add this rule for dynatic ip.

« **Reply #4 on:** February 09, 2018, 09:33:32 PM »

thanks, but then it is not a viable solution I suppose, considering that I would be be dialing up the VPN always from a static ip ...

If CWP would just implement 2-Step Verification (TOTP) for the panels

« **Reply #5 on:** February 09, 2018, 09:37:11 PM »

On second thought - once the VPN is established the client's IP (any) is becoming the server's IP, is it not?

bullten · « **Reply #6 on:** February 09, 2018, 09:39:31 PM »

No. VPN just changes your ip.

Control Web Panel

Author Topic: How to access CWP panels through VPN only (Read 9794 times)

How to access CWP panels through VPN only

Re: How to access CWP panels through VPN only

Re: How to access CWP panels through VPN only

Re: How to access CWP panels through VPN only

Re: How to access CWP panels through VPN only

Re: How to access CWP panels through VPN only

Re: How to access CWP panels through VPN only