Unable to access modem configuration page over wan
-
My Motorola modem configuration page is at 192.168.100.1 - I have pfsense 1.2.3 and tried on 1.2.2. When I try to access the modem configuration page with my pfsense box hooked up it never loads. If I disconnect and try just with my tomato firmware wrt54gl it comes up fine - something in the pfsense box is not allowing this through.
I allowed private networks over wan but it didn't change. Is there something else I am missing here?
-
I do this and it works fine.
What is your lan address and subnet?
-
lan/gw is on 192.168.0.x 255.255.255.0
-
If I disconnect and try just with my tomato firmware wrt54gl it comes up fine
Do you mean "it comes up fine if I replace the pfSense box with the wrt54gl"?
- something in the pfsense box is not allowing this through.
You know this or you are guessing this?
I have an ADSL modem/router which routes to a pfSense box (pfSense WAN) which has LAN and WLAN bridged together and OPT3 LAN to a Linux box. I can access the ADSL modem/router config web pages from any system on my LAN/WLAN. Perhaps there is some subtle configuration difference between your configuration and chpalmer's (and mine).
Do you attempt to access the modem configuration by IP address or name? (If name, which DNS server provides the name to IP address translation?)
What is displayed if you ping or traceroute the modem by IP address? by name?
Is your modem a router or a bridge?
-
Thank you for your reply, I will elaborate further.
I wanted to also add that I noticed something last night - the modem runs a telnet connection and I can connect to the interface via telnet… just not the webgui. Tracert comes back fine, ping comes back fine.
The modem is accessed through the 192.168.100.1 address but not by any name.
it is not a router/modem combo box... standard cable modem bridge.
If I connect
computer > lan port on wrt54gl >wan port to cable modem
I am able to access the web interface fine, as well as if I connect direct. This is repeatable back and forth.
If I take the wrt54gl out of the picture and connect
computer > lan port on dumb switch > lan port on pfsense > wan port to cable modem
I am then unable to pull up the interface webpage.
EDIT I am now able to pull up the page. I am unsure why I was never able to before in previous configurations or when swapping back and forth... but it now lets me. I suppose it is now a non issue.
I do wonder however if its possible to block private networks on the wan port but allow a private network address exception so ONLY the modem config page can be accessed via the wan port.
-
EDIT I am now able to pull up the page. I am unsure why I was never able to before in previous configurations or when swapping back and forth… but it now lets me. I suppose it is now a non issue.
There is anecdotal evidence that some cable modems in some circumstances care about the MAC address of the downstream device.
I do wonder however if its possible to block private networks on the wan port but allow a private network address exception so ONLY the modem config page can be accessed via the wan port.
pfSense firewall rules apply on the input device. So on the LAN interface you could add a rule to pass traffic to the cable modem and follow it with rules to block access to appropriate private networks. (In time you might add other interfaces with private network addresses and want to route between them and LAN.)
