Hi there, been working on my selfhosted setup a bit lately and just noticed that if I browse to my own WAN-IP it will show to the public the interfance of my oc200 omada hardware controller. While it does have a login form with username password, id be much more confident if this wasnt public at all. I’ve looked online and in my settings but struggle to find anything related to this. Is it common that this is on be default?

Any pointers greatly appriciated.

Edit: Solved - I panicked without thinking I was on my own lan when checking this…

  • Fuck spez@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    8 days ago

    NAT loopback, if supported and enabled, may appear to bypass firewall rules.

    Basically, traffic to your public (WAN) IP that comes from inside the network is not subject to the same level of security as outside traffic would be. The last part of the parent comment didn’t quite make sense, though.