
RT-AC66U B1 gui access only on wan with https


biros

Hi everyone,
Last night, after 2 years, I enabled the free letsencrypt cert feature with the WAN access via https, which works with the asuscomm ddns service flawlessly.
I might misunderstand this feature and I don't speak fluent internet either, but by doing this, my internal devices which are forwarded shouldn't be accessible by the same https path too (different port number)?
Like: https://user.asuscomm.com:router_gui_port <- this works, but this: https://user.asuscomm.com:forwarded_device_port doesn't (it works on http and not just one device, so I assume there is no problem with port forwarding).
Is Asus limiting this feature to services provided by them only? If yes, ok; if not, what am I doing wrong?
New user here, sorry if it's a duplicate; I did a search and haven't found anything relevant (Google or here).
Thank you!
 
It works, you have to forward the ports. Don't enable Web Access from WAN though, it's not secure. Use OpenVPN Server instead.
 
Ok, then what could be the problem? I get "ERR_SSL_PROTOCOL_ERROR" for every forwarded device but the webgui (every forwarded device works via http). I will disable the GUI access via WAN after I've cracked this issue.
 
It is difficult to understand the problem you are describing.

What ports or services are you trying to connect to on your LAN? If you are trying to use https then the device you are connecting to must be running an https server, not just an http server.
 
Additionally, the router's letsencrypt certificate is only applicable to accessing the router itself. If you want to connect to https servers on your LAN they will require their own certificates.
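
An added example, not part of the thread: a small Python probe that tells whether a forwarded port answers a TLS handshake or only cleartext HTTP, the distinction the reply above draws between an https server and an http server. The function names and the loopback server standing in for an HTTP-only LAN device are constructed for the demo.

```python
import socket, ssl, threading
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer

def probe(host, port, timeout=2.0):
    """Return 'tls', 'plain-http', 'other' or 'unreachable' for host:port."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False       # the question is "does it speak TLS at all?",
    ctx.verify_mode = ssl.CERT_NONE  # not "is the certificate valid for this name?"
    try:
        raw = socket.create_connection((host, port), timeout=timeout)
    except OSError:
        return "unreachable"         # closed port or missing port forward
    try:
        with ctx.wrap_socket(raw, server_hostname=host):
            return "tls"             # something on this port completed a handshake
    except OSError:                  # ssl.SSLError and timeouts are OSError subclasses
        raw.close()
    # The handshake failed; ask the same port for cleartext HTTP instead.
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(b"HEAD / HTTP/1.0\r\nHost: " + host.encode() + b"\r\n\r\n")
            return "plain-http" if s.recv(16).startswith(b"HTTP/") else "other"
    except OSError:
        return "other"

class _Dashboard(BaseHTTPRequestHandler):
    """Constructed stand-in for an HTTP-only web UI behind the router."""
    def do_HEAD(self):
        self.send_response(200)
        self.end_headers()
    def log_message(self, *args):    # keep the demo quiet
        pass

def start_plain_http_demo():
    """Start the stand-in server on a free loopback port and return that port."""
    srv = ThreadingHTTPServer(("127.0.0.1", 0), _Dashboard)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv.server_address[1]

if __name__ == "__main__":
    port = start_plain_http_demo()
    # 'plain-http' here means an https:// URL to this port cannot work until
    # the device itself serves TLS with its own certificate.
    print(port, probe("127.0.0.1", port))
```

A result of `plain-http` for a forwarded port means the port forward is fine and the device simply has no TLS listener; `tls` means a certificate is being served and any remaining browser error is about that certificate.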
 
Ok, the "I don't speak fluent internet" part lies here. But I understood, and thank you for that. So the https "secure" access with a dvc + ddns is for the router webgui only; ex.: https://user.asuscomm.com:webguiport (and it's not recommended to leave it accessible, then I wonder why the dvc lol?).
If I have, let's say, a node-red server behind the router with a UI dashboard (or anything with a GUI) and I forward its port of the internal IP to a random port of the external IP; ex.: https://user.asuscomm.com:random port of ext ip <--- the dvc will not "cover" this ...
I use the inbuilt openvpn server and it works great; I just wanted to simplify the access to the UIs behind the router.
 
Actually you can export the Letsencrypt certs and use them on a server on your LAN. Keep in mind that the certs expire after a number of days.
 
Pretty neat idea, is it possible to automate the export?
Automate? Yes but more of a pain than it is worth. You would be better off to set up LetsEncrypt on your servers and automate it there.
 
You should be able to. Use scp to copy the certificate and keys to your local machines.
Thanks for the tip, I can access /jffs/.le/ but "dir" returns this: "-sh: dir: not found". Is there a different command to list the contents of a folder in asuswrt? (stock).
 
Automate? Yes but more of a pain than it is worth. You would be better off to set up LetsEncrypt on your servers and automate it there.
I was thinking of copying it via nodered from /jffs/.le/ to my NAS and I could pick it up from there. But yeah, you're right, your suggestion is more pro and more elegant. thx
 
