Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Acessar Página WEB de Roteador em Bridge (RESOLVIDO)

    Scheduled Pinned Locked Moved Portuguese
    5 Posts 2 Posters 2.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T Offline
      tcherenato
      last edited by

      Olá!

      Estou quebrando a cabeça para acessar a página web de um roteador sem fio (192.168.0.151) configurado em modo bridge que está setado como WAN2 no PF.

      Eu segui este tuto, tentando adaptar ao meu caso: http://doc.pfsense.org/index.php/Accessing_modem_from_inside_firewall

      [2.0.3-RELEASE]: ifconfig                  
      rl0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
             options=8 <vlan_mtu>ether :::::
             inet 192.168.1.254 netmask 0xffffff00 broadcast 192.168.1.255 (VIA DHCP)
             inet 192.168.0.254 netmask 0xffffff00 broadcast 192.168.0.255 (ALIAS)
             nd6 options=43 <performnud,accept_rtadv>media: Ethernet autoselect (100baseTX <full-duplex>)
             status: active

      LAN:
      vr0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
      inet 192.168.66.254 netmask 0xffffff00 broadcast 192.168.66.255

      Criei um IP Virtual: WAN2 (rl0) 192.168.0.254

      Criei o Outbound NAT: WAN2 (rl0) Source 192.168.66.0/24 - Destino 192.168.0.0/24 - Translation 192.168.0.254

      Do PFSense eu consigo pingar:
      [2.0.3-RELEASE][admin@.]/root(7): ping 192.168.0.151
      PING 192.168.0.151 (192.168.0.151): 56 data bytes
      64 bytes from 192.168.0.151: icmp_seq=0 ttl=255 time=2.708 ms

      De dentro da LAN não consigo ping, mas:
      2.0.3-RELEASE][admin@.]/root(8): tcpdump -i rl0 host 192.168.0.151
      listening on rl0, link-type EN10MB (Ethernet), capture size 96 bytes
      19:36:42.430369 IP 192.168.0.254 > 192.168.0.151: ICMP echo request, id 30900, seq 1, length 64
      19:36:43.438542 IP 192.168.0.254 > 192.168.0.151: ICMP echo request, id 30900, seq 2, length 64

      O ping está saindo pela interface certa, com o IP correto do PF, mas acho que alguma coisa está errada com o NAT…

      Alguma ideia?

      []'s
      Renato
      Seleção_001.png
      Seleção_001.png_thumb
      Seleção_002.png
      Seleção_002.png_thumb</up,broadcast,running,simplex,multicast></full-duplex></performnud,accept_rtadv></vlan_mtu></up,broadcast,running,simplex,multicast>

      1 Reply Last reply Reply Quote 0
      • marcellocM Offline
        marcelloc
        last edited by

        @tcherenato:

        Do PFSense eu consigo pingar:
        [2.0.3-RELEASE][admin@.]/root(7): ping 192.168.0.151
        PING 192.168.0.151 (192.168.0.151): 56 data bytes
        64 bytes from 192.168.0.151: icmp_seq=0 ttl=255 time=2.708 ms

        De dentro da LAN não consigo ping, mas:

        O que o tcpdump mostra no ping a partir do pfsense?

        Treinamentos de Elite: http://sys-squad.com

        Help a community developer! ;D

        1 Reply Last reply Reply Quote 0
        • T Offline
          tcherenato
          last edited by

          @marcelloc:

          @tcherenato:

          Do PFSense eu consigo pingar:
          [2.0.3-RELEASE][admin@.]/root(7): ping 192.168.0.151
          PING 192.168.0.151 (192.168.0.151): 56 data bytes
          64 bytes from 192.168.0.151: icmp_seq=0 ttl=255 time=2.708 ms

          De dentro da LAN não consigo ping, mas:

          O que o tcpdump mostra no ping a partir do pfsense?

          [2.0.3-RELEASE]: ping 192.168.0.151
          PING 192.168.0.151 (192.168.0.151): 56 data bytes
          64 bytes from 192.168.0.151: icmp_seq=0 ttl=255 time=1.216 ms
          64 bytes from 192.168.0.151: icmp_seq=1 ttl=255 time=1.053 ms
          64 bytes from 192.168.0.151: icmp_seq=2 ttl=255 time=1.048 ms
          64 bytes from 192.168.0.151: icmp_seq=3 ttl=255 time=1.064 ms
          64 bytes from 192.168.0.151: icmp_seq=4 ttl=255 time=1.049 ms

          [2.0.3-RELEASE]: tcpdump -i rl0 host 192.168.0.151
          tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
          listening on rl0, link-type EN10MB (Ethernet), capture size 96 bytes
          21:47:34.241766 IP 192.168.0.254 > 192.168.0.151: ICMP echo request, id 39808, seq 0, length 64
          21:47:34.242703 IP 192.168.0.151 > 192.168.0.254: ICMP echo reply, id 39808, seq 0, length 64
          21:47:35.251407 IP 192.168.0.254 > 192.168.0.151: ICMP echo request, id 39808, seq 1, length 64
          21:47:35.252325 IP 192.168.0.151 > 192.168.0.254: ICMP echo reply, id 39808, seq 1, length 64
          21:47:36.261475 IP 192.168.0.254 > 192.168.0.151: ICMP echo request, id 39808, seq 2, length 64
          21:47:36.262396 IP 192.168.0.151 > 192.168.0.254: ICMP echo reply, id 39808, seq 2, length 64
          21:47:37.271509 IP 192.168.0.254 > 192.168.0.151: ICMP echo request, id 39808, seq 3, length 64
          21:47:37.272437 IP 192.168.0.151 > 192.168.0.254: ICMP echo reply, id 39808, seq 3, length 64
          21:47:38.281551 IP 192.168.0.254 > 192.168.0.151: ICMP echo request, id 39808, seq 4, length 64
          21:47:38.282475 IP 192.168.0.151 > 192.168.0.254: ICMP echo reply, id 39808, seq 4, length 64

          1 Reply Last reply Reply Quote 0
          • marcellocM Offline
            marcelloc
            last edited by

            @tcherenato:

            [2.0.3-RELEASE]: tcpdump -i rl0 host 192.168.0.151
            tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
            listening on rl0, link-type EN10MB (Ethernet), capture size 96 bytes
            21:47:34.241766 IP 192.168.0.254 > 192.168.0.151: ICMP echo request, id 39808, seq 0, length 64
            21:47:34.242703 IP 192.168.0.151 > 192.168.0.254: ICMP echo reply, id 39808, seq 0, length 64
            21:47:35.251407 IP 192.168.0.254 > 192.168.0.151: ICMP echo request, id 39808, seq 1, length 64
            21:47:35.252325 IP 192.168.0.151 > 192.168.0.254: ICMP echo reply, id 39808, seq 1, length 64
            21:47:36.261475 IP 192.168.0.254 > 192.168.0.151: ICMP echo request, id 39808, seq 2, length 64
            21:47:36.262396 IP 192.168.0.151 > 192.168.0.254: ICMP echo reply, id 39808, seq 2, length 64
            21:47:37.271509 IP 192.168.0.254 > 192.168.0.151: ICMP echo request, id 39808, seq 3, length 64
            21:47:37.272437 IP 192.168.0.151 > 192.168.0.254: ICMP echo reply, id 39808, seq 3, length 64
            21:47:38.281551 IP 192.168.0.254 > 192.168.0.151: ICMP echo request, id 39808, seq 4, length 64
            21:47:38.282475 IP 192.168.0.151 > 192.168.0.254: ICMP echo reply, id 39808, seq 4, length 64

            @tcherenato:

            19:36:42.430369 IP 192.168.0.254 > 192.168.0.151: ICMP echo request, id 30900, seq 1, length 64
            19:36:43.438542 IP 192.168.0.254 > 192.168.0.151: ICMP echo request, id 30900, seq 2, length 64

            Está saindo igual ao pacote vindo da lan, deveria estar funcionando…  :(

            Treinamentos de Elite: http://sys-squad.com

            Help a community developer! ;D

            1 Reply Last reply Reply Quote 0
            • T Offline
              tcherenato
              last edited by

              Hoje, do nada, após um reboot, começou a funcionar!!! Não tinha mexido em mais nada, mas por desencargo, resolvi dar um ping após um reboot e respondeu! Consegui acessar a página do roteador sem problemas.  ;D

              [2.0.3-RELEASE]: tcpdump host 192.168.0.151
              tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
              listening on rl0, link-type EN10MB (Ethernet), capture size 96 bytes
              22:23:51.274420 IP 192.168.0.254 > 192.168.0.151: ICMP echo request, id 13170, seq 1, length 64
              22:23:51.275776 ARP, Request who-has 192.168.0.254 tell 192.168.0.151, length 46
              22:23:51.275800 ARP, Reply 192.168.0.254 is-at 00:**:**:**:**:00 (oui Unknown), length 46
              22:23:51.276565 IP 192.168.0.151 > 192.168.0.254: ICMP echo reply, id 13170, seq 1, length 64
              22:23:52.276522 IP 192.168.0.254 > 192.168.0.151: ICMP echo request, id 13170, seq 2, length 64
              

              Mas nem tudo são flores… Notei que após um período de tempo, não descobri o motivo ainda, o alias que crio em tempo de boot para rl0 (<shellcmd>ifconfig rl0 inet 192.168.0.254 netmask 255.255.255.0 alias</shellcmd>), simplesmente desaparece!!! rl0 volta a ficar como:

              rl0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
                      options=8 <vlan_mtu>ether :::::
                      inet 192.168.1.254 netmask 0xffffff00 broadcast 192.168.1.255 (VIA DHCP)
                      inet 192.168.0.254 netmask 0xffffff00 broadcast 192.168.0.255 (ALIAS)
                      nd6 options=43 <performnud,accept_rtadv>media: Ethernet autoselect (100baseTX <full-duplex>)
                      status: active

              Ao menos não preciso mais derrubar este link para acessar o roteador, já valeu!

              []'s
              Renato</full-duplex></performnud,accept_rtadv></vlan_mtu></up,broadcast,running,simplex,multicast>

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.