NAT - To manage a ONT SFP+ on 192.168.11.1
-
Hi All,
I have a running WAN ( igc3) on DHCP configured at 2.5Gbps per this igc3 port speed.I plan to make use of a Media converter supporting RJ45 ( 2.5Gbps) to SFP+.
And will be attaching an ONT SFP+ stick via this Media converter to the WAN ( igc3 ).I need to manage this ONT SFP+ via 192.168.11.1
and have followed the following steps but am unable to gain access at 192.168.11.1.
I'd appreciate your assistance on this.
-
@BennySoh Can you ping the SFP+ module from your pfSense UI/CLI if you source the packet from the WAN Alias IP?
If so, then your settings ought to work IF you have the needed Allow firewall rule on your LAN interface.
Make sure you have disabled “Block private networks and loopback addresses” on your WAN interface. That cannot be enabled in this case. -
Did you follow the instructions on the 8311 wiki site on how to set up SOURCE NAT on pfSense as shown in this link?
https://pon.wiki/guides/install-the-8311-community-firmware-on-the-was-110/#network-setup
You could also post your question on the 8311 community forum on Discord as well if you are still not able to figure this out.
https://discord.gg/8311
-
@keyser Hello,
I am able to Ping on the PFsense Ping diagnostic on 192.168.11.2 but not 192.168.11.1.
At this moment, I am unable to web gui into 192.168.11.1 via the Web Browser. Pfsense was re-booted too. Thanks for your continued assistance -
@keyser
Please see the LAN rules in place too. Thank you. -
-
-
@MarinSNB Hello, this was the instructions on 8311 wiki site to set up the SOURCE NAT on pdSense for DHCP but I am unable to Web Gui into 192.168.11.1. So, I'm reaching out to the pfSense community at large to see if there might be other configuration that I might need to tweak. Thanks for highlighting this.
-
@BennySoh I think your problem is more basic if you cannot ping 192.168.11.1 from your pfSense box when using the Souce IP address of 192.168.11.2 (VIP address on WAN).
If you cannot ping the SFP modules administrative IP, then you cannot expect to be able to reach its web interface.
There is a small chance that the module has a Firewall that blocks Ping (very unlikely), but then at least you should see it’s MAC address in the STATUS -> Mac address Table in pfSense after attempting to ping it. I suspect you don’t, and therefore the problem is more of a basic nature…Does the port show link in pfSense? If it’s WAN2 in your screenshot it doesn’t sense link on the SFP module, so it might be your pfSense box have not recognized the SFP module at all.
-
Here is the solution that works for me.
https://forum.netgate.com/topic/197766/how-to-connect-to-xgs-pon-controller/15?_=1751026822174
-
@AndyRH Thank you for this. I will reconfigure to this new Outbound NAT Rules and will get back once I get to swap in the ONT SFP+ Module.
-
@BennySoh Once you are talking to it, I would be curious to know what the temp is.
-
@AndyRH Hi, I am still unable to access WAS-110 via 192.168.11.1.
Please see my current WAS-110 connectivity to the pfSense WAN / 2.5gbps / igc3 port.
Would you mind sharing your WAS-110 connectivity to the pfSense for your successful NAT Outbound access ? -
@AndyRH Hi, my apologies, I should have read through your trail of the post you made in arriving at your solution. From it, I gather that the WAS-110 is inserted directly into the ix1 of the 7100 box. So, in my case I am making use of a media converter and am hence not sure if this could be the cause on my inability to Web Gui into 192.168.11.1.
I'd appreciate if the community may chime in on this. Thank you. -
@BennySoh The media converter should be a "dumb" switch. I would not expect it to block your access.
You could more easily test by inserting a switch on the WAN side and giving your PC a .11.x address and see if you can get there. -
@AndyRH Hi, just to be sure i understand this. So, in place of the Media Converter, have a switch instead. And for the PC with 11.x, this PC is to be connected at the switch itself or this PC is be be on the Lan side of the Router. Thanks for your patience on this
-
@BennySoh Leave the media converter in place. Plug the media converter, pfSense WAN port and the PC into the switch. Only change the PC to have a static address of 11.x. The PC will not have access to the internet, but should have access to the WAS-110. If this works then the method that was explained to me in the other thread should work for you as well.
If it does not work then the media converter is doing something else to prevent access. I have no experience with media converters so someone else may have an answer. -
@AndyRH Hi, with the switch and media converter, I can access the 192.168.11.1 WAS-110 Web Gui, however, I lose the Internet connection. Thank you very much anyway. I need to access both the Internet and the WAS-110 Web Gui at 192.168.11.1 from my network behind the firewall but so far from the NAT Outbound that @AndyRH has shared ( thanks for that ) has not worked for me. I'd very much appreciate if anyone or Netgate Support may give me a helping hand on this.
-
@BennySoh I expected you to loose internet access. More of a test to make sure it works. What I did in the other thread should work, but I do not understand it well enough to troubleshoot.
-
@AndyRH Hi, I managed to access the 192.168.11.1 Web Gui with the changes you've shared https://forum.netgate.com/topic/197766/how-to-connect-to-xgs-pon-controller/15?_=1751026822174
This access ( NAT OutBound ) to 192.168.11.1 Web Gui succeeded after i did a Power On Reset to the Netgate 4100 after making the NAT Outbound changes. It hence seems that NAT changes did not take effect after I "Save" and "Apply Changes" and only became effective after I did a Power On Reset. Also another point to note was this Web Access to 192.168.11.1. was successful when my WAN is on DHCP and without a Vlan assignment. I may have to open another thread for assistance as I need to access 192.168.11.1 with WAN on DHCP and with a VLAN for the WAN. Thanks to you, at least I have a window into the WAS-110 albeit when the WAN is not configured with a VLAN. On your temperature for the WAS-110 its 50/48/46 Celsius with ambient temperature at 30 degrees Celsius and with a cooling fan in place. Have a a good one.
