Issue with AT&T modem at 192.168.1.254
-
I run pfSense+ 23.09.1 and with a lot of fiddling I've got IPV4 and IPV6 working as expected with the LAN subnet at 192.168.2.0/24. In this mode I can reach the modem at it's 192.168.1.254 address without a static route. Makes sense since the out of subnet request would go to the gateway.
However, if I adjust everything such that the LAN subnet is 192.168.1.0/24 and add a static route to the IPV4 gateway for address 192.168.1.254, I cannot reach the modem. It times out. I can successfully ping the 192.168.1.254 from the pfSense console but not from any LAN client. I fail to understand why this wouldn't work?
-
@jcyr Because if your LAN is 192.168.1.0/24, and you try to go to .254, it will never go to the WAN port which is where your modem is.
That address in on your LAN subnet. -
Shouldn't the static route for a specific address, 192.168.1.254/32, take precedence?
-
@jcyr It's on the same subnet. It won't even go to the router. Look up Layer 2.
-
@Jarhead Duh!!! I hadn't thought of that. The router won't even see them. OK but for some reason I'm strangely attached to the 192.168.1.0/24 default address for single LAN side sub net convention. So I've declared the LAN sub net as 192.168.1.0/25 which excludes 192.168.1.254 and routes it to WAN automatically. Gives me enough 192.168.1.x LAN side IPV4 addresses, but is kind of a hack. I'd previously avoided the problem reaching the AT&T modem by using a 192.168.2.0/24 LAN side but that just, for some reason, bothered me.
Anyway thanks for enlightening me.
-
@jcyr using a /25 vs a /24 is not a "hack" hehehe
But to be honest use of 192.168.1 or even say 192.168.0 can be problematic - these are 2 of the most common networks. So you run into stuff like your seeing with your ATT devices IP address. You can also see issues with remote access via vpn where the remote site is also using the same IP range your using and then have problems accessing stuff via the vpn.
Using the 192.168.1 could also lead to problem if you fire up some new device on your network and it defaults to using say .1 or .254 and that ends up stepping on say pfsense IP..
You were better off just using 192.168.2 network, or if you like the 1 there as the 3rd octet.. Use maybe 172.16.1/24 or 10.1.1/24 or 192.168.10/24
But using a /25 can work.. for your current setup, but could also be problematic because I doubt your ATT device is using a /25 and you could still run into a issue. If it happened to say assign your pfsense wan the same IP in your /25 as your lan side network interface..
Your better off just moving to some network on your pfsense lan that in no way is overlapping with the network your ATT device is using.
