Accessing pppoe modem
-
following this guide.. http://doc.pfsense.org/index.php/Accessing_modem_from_inside_firewall
i have:
wan is connected via pfsense's pppoe
192.168.0.1 = pfsense.lan
192.168.201.253 = pfsense.wanmodem
192.168.201.1 = modemi can ping modem from pfsense box. i can't ping modem from lan computer, but i can ping pfsense.wanmodem
what have i done wrong?
-
Try using 192.168.2.0 for your LAN network address space (or anything other than "0.0" or "201.0". This might not fix your problem, but it will make your separation cleaner because the network defined by "192.168.0.0" includes the "192.168.201.X" address space.
Second, I've tested modem access with no Outboud NAT rule and it worked okay for me. The default "Allow LAN to any" rule will catch the traffic, and you don't need NAT because you're not trying to route through the public internet address space.
I even set it to use a DHCP address from the modem. This has the advantage of automatically setting a route in pfSense for the modem's address.
GB
-
did you set any gateway?
-
Nope. The since the interface is set to use DHCP, it's all set up automatically. :)
GB
-
Nope. The since the interface is set to use DHCP, it's all set up automatically. :)
GB
That wont work if the OP wants to put the modem in bridge mode. Or if the modem does not have its own router built in.
-
i can't work it out.
pfsense's pppoe0 is connected and needless to say, modem's in bridge mode. i have the interface configured as following the guide, and im able to ping the modem from the pfsense box. from a lan pc, i am able to ping the network interface connected to the modem, which is on the same subnet as the modem, but im not able to ping the modem.
i've tried a lot of things .. i really can't work out what's wrong.
-
I had to follow this page to get to mine…
http://doc.pfsense.org/index.php/How_can_i_access_my_PPPoE_Modem_on_WAN
Making adjustment for my modem...
I did this on 1.2.3 however...
http://forum.pfsense.org/index.php/topic,17184.0.html
-
…and im able to ping the modem from the pfsense box. from a lan pc, i am able to ping the network interface connected to the modem, which is on the same subnet as the modem, but im not able to ping the modem.
YMMV, but the following screenshots may help. This is how I just got it working, though whether it's the "correct" way I'm not quite sure (and not too worried at the moment as it's working ;)).
Edit: So just realised this is the same method the guide you linked uses, with one exception - the gateway(s). I found I had to use them otherwise nothing would go through from the LAN (but did from the shell prompt, like your pings).
Edit2: Gah, this was working a minute ago. ???
Edit3: Two LAN firewall rules fixed it - one for each of the modem IPs, using their respective gateways.
 -
Thought I'd add something here as I've just struggled to get this working using information from the forum and the wiki.
As gnhb says above I have access to my modem without using any outbound NAT mappings or extra firewall rules.
I simply added an extra interface, assigned it to the NIC attached to my modem and set it to static IP in the same subnet as the modem.
The last step was to add an extra gateway on that interface with the modem IP address.If someone would like to explain why the outbound NAT is needed here I'd be glad to know. For me it's working fine without it and adding it only caused problems.
Steve
