How to set up secure access to a web server?

Discussion in 'Networking Issues' started by pamulli, Oct 18, 2012.

    I have 3 routers running TomatoUSB and I want to set up outside access to a small web server on my LAN. I'm not sure how to properly secure it, so I'm hoping someone here can help me.

    I have two PCs and an automated controller for my smoker. One PC is my HTPC/File Server and the other is an Ubuntu box hosting a very small web server that runs my automated controller for my smoker.
    What I would like to accomplish is to be able to connect to the web server internally as well as externally over the web so that I can get access to the automated controller whether I'm at home or at work. I also want to keep my other HTPC/File Server safe from outside attacks, so I don't want to just blindly open port 80 on my router and forward it to my web server. I'd like to have it so that if you did hack in, you would only get access to the web server and not my personal files on the other PC.
    For this to work the way I want, I need to be able to get to both my HTPC/File server and the web server when I'm connecting internally, but from the outside you would only be able to get to the web server.

    I don't know if this is possible, but can you set up a one-way route so that if you are on Vlan1 with the HTPC/File server, you can also get to the web server, but if you are on Vlan2 with the web server you can't get access to anything on Vlan1? I could then just forward HTTP traffic to the web server on Vlan2 and not worry about people getting to Vlan1. If that is the right way to approach this, some tips on how to actually do it in Tomato would be appreciated. I don't have any experience setting up routing tables.
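
The one-way policy asked about above is a stateful firewall rule set rather than a routing table entry. As an added example (not part of the original post), this POSIX sh function prints iptables rules that let the trusted VLAN open connections to the web-server VLAN while the reverse direction only carries reply traffic. The bridge names br0 (Vlan1) and br1 (Vlan2), and the router serving DHCP and DNS to Vlan2, are assumptions; the WAN port forward to the web server is configured separately.

```shell
#!/bin/sh
# Added example: prints (does not apply) iptables rules for a one-way
# LAN -> DMZ policy. Assumed names: br0 = trusted VLAN bridge,
# br1 = web-server VLAN bridge.

valid_if() {
    # Accept only plain interface names so the output is safe to run as root.
    case "$1" in
        ''|[!A-Za-z0-9]*|*[!A-Za-z0-9._-]*) return 1 ;;
        *) return 0 ;;
    esac
}

dmz_rules() {
    lan_if=$1 dmz_if=$2
    valid_if "$lan_if" && valid_if "$dmz_if" || return 1
    [ "$lan_if" != "$dmz_if" ] || return 1
    # Each -I inserts at the top of its chain, so the rules are printed in
    # reverse order: within a chain, the line printed last is evaluated first.
    cat <<EOF
iptables -I FORWARD -i $dmz_if -o $lan_if -j DROP
iptables -I FORWARD -i $dmz_if -o $lan_if -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -I FORWARD -i $lan_if -o $dmz_if -j ACCEPT
iptables -I INPUT -i $dmz_if -j DROP
iptables -I INPUT -i $dmz_if -p udp --dport 67 -j ACCEPT
iptables -I INPUT -i $dmz_if -p udp --dport 53 -j ACCEPT
iptables -I INPUT -i $dmz_if -p tcp --dport 53 -j ACCEPT
iptables -I INPUT -i $dmz_if -m state --state ESTABLISHED,RELATED -j ACCEPT
EOF
}

# Print the rules for review; run them on the router only after checking
# that the interface names match your VLAN setup.
dmz_rules "${LAN_IF:-br0}" "${DMZ_IF:-br1}"
```

The INPUT rules matter as much as the FORWARD ones: without them, a compromised web server could still reach the router's own admin interface from Vlan2.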

