Access modem from inside the firewall
-
Hello everyone,
I am new to pfSense and just got 2.0.2 installed yesterday. I tried to follow this guide: http://doc.pfsense.org/index.php/Accessing_modem_from_inside_firewall to access my modem from inside of the firewall. I can ping the modem ip (192.168.2.1) on the pfSense box (use SSH shell) or choose the interface (modemaccess) created via webgui. However I can't ping it if choose LAN interface. Also I can not ping or access the modem from any other machines within the LAN.
My lAN is 192.168.15.0/24 and modem ip is 192.168.2.1/24.
I can't figure out which part was wrong. Probably something with NAT?
Please help.
Thanks,
-
So your modem is 192.168.2.1, but your pfsense wan gets a public IP?? Or does your pfsense wan get a 192.168.2.x address and your behind a double nat?
-
I believe it is double NAT because the great Bell Canada. They only have one modem for VDSL (25M/10M) and it has been discussed at dslreport for quite some time. It only allow PPOE pass through at this moment.
So the modem has a static ip 192.168.2.1. pfSense PPOE will get a public IP. And also the modem will get another public IP. Regardless, the internet works fine for now. Speed is ok. I normally get the same speed either use that modem as router/modem or use pfSense as router. It is just that the model will stop responding after a couple hours of 80% load. pfSense works great so far.
-
Can anyone help? I am trying second time to explain my situation. My LAN is 192.168.15.0/24. Modem has IP 192.168.2.1. It has 4 port LAN so if I take a laptop, set the IP to 192.168.2.5 and connect to the modem then I can access the web gui of the modem.
I followed the doc for the setup on pfSense. I can ping 192.168.2.1 is using SSH console. I can ping 192.168.2.1 if I choose the interface I created for modem access using pfSense web gui. I can NOT ping 192.168.2.1 if I choose LAN interface. I can NOT ping 192.168.2.1 or access the web gui of the modem use any computer connected inside the firewall.
I suspect I missed something for the firewall rules but can figure out which it is.
Please help.
Thanks, -
http://doc.pfsense.org/index.php/Accessing_modem_from_inside_firewall
You did the instructions under 2.0 right?
I did this for both my modems which are an MLPPP set.
OPT2 172.25.125.0/24 * 10.0.0.0/25 * * * NO
OPT3 172.25.125.0/24 * 192.168.1.0/25 * * * NO
You have a rule that allows your LAN to all - or have a rule that will allow LAN to your modem?
-
Yes, I followed 2.0 instructions. Here is the rule under NAT outbound:
MODEMACCESS 192.168.15.0/24 * 192.168.2.0/24 * * * NO
I can ping 192.168.2.1 under web gui if I choose MODEMACCESS but can NOT if I choose LAN. I do have a rule to allow LAN to all.
* LAN net * * * * none Default allow LAN to any rule
Any suggestions?
-
Can you post the settings of your opt interface?
-
Can you post the settings of your opt interface?
Here is the interface configuration. There is no firewall rules under that interface tab.