I setup a UTM for my parents in Bridge Interface + Full Transparent Mode. The great thing about this setup is 1/2 of the network is not filtered in any way, for someone like my lawyer brother who still lives with parents and the other 1/2 of the network has dual AV, Snort, Sophos Content Filtering, with OpenDNS content filtering for my parents, who despite their best efforts, constantly seem to be hitting hijacked ads when on the web, etc.
Basic topology is:
Internet[DSL modem/router][Bridged UTM][Unmanaged LAN switch]Airport Extreme in Access Point mode
I can forward port 4444 to the UTM and set the UTM to be accessible from the web. I have no problem doing that; however, since I can not setup A VPN on the UTM in bridge + full transparent mode, I am afraid to leave the UTM accessible to be scanned and attacked on the WAN side. The same goes for my experience with the Sophos UTM and the Amazon Cloud. In testing, I was constantly getting e-mails about IP addresses that have been blocked for too many failed login attempts.
Is there any way that I can secure this setup so that I can manage the UTM remotely without having to worry about a brute force attack, without a VPN? I get that using HTTPS encrypts the traffic, my concern is brute force attacks, that eventually lead to the UTM being compromised on the WAN side.
This thread was automatically locked due to age.