Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Accessing modem from inside firewall pfsense 2.1 and 2.1.1 not work

    NAT
    5
    21
    4.2k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      doktornotor Banned
      last edited by

      What the hell is this "11.11.11.138 and 12.12.12.138 , …..., till 17.17.17.138"? You just invented those IPs? Absolutely broken, no wonder it won't work. You do NOT hijack public routable IPs for your local junk!

      1 Reply Last reply Reply Quote 0
      • A
        ahmedfac
        last edited by

        @doktornotor:

        What the hell is this "11.11.11.138 and 12.12.12.138 , …..., till 17.17.17.138"? You just invented those IPs? Absolutely broken, no wonder it won't work. You do NOT hijack public routable IPs for your local junk!

        it is very simple  ..  11.11.11.138 is a modem in bridge mode … @ pfsense ppp i make a pptp client with isp user and pass just like pppoe ... The question is how to ping this modem ip 11.11.11.138 from pfsense lan .... That is all

        1 Reply Last reply Reply Quote 0
        • D
          doktornotor Banned
          last edited by

          Dude. 11.11.11.138 belongs to Department of Defense.

          NetRange:       11.0.0.0 - 11.255.255.255
          CIDR:           11.0.0.0/8
          OriginAS:       
          NetName:        DODIIS
          NetHandle:      NET-11-0-0-0-1
          Parent:         
          NetType:        Direct Allocation
          RegDate:        1984-01-19
          Updated:        2007-08-22
          Ref:            http://whois.arin.net/rest/net/NET-11-0-0-0-1
          

          Are you sitting at DoD information center? God Save The Queen if so.  ;D ::) The other IPs belong to Xerox, some Japanese co., etc. etc. etc.

          There are 10/8, 172.16/12 and 192.168/16 ranges (RFC1918) for this purpose. Go get a clue.

          1 Reply Last reply Reply Quote 0
          • A
            ahmedfac
            last edited by

            @doktornotor:

            Dude. 11.11.11.138 belongs to Department of Defense.

            NetRange:       11.0.0.0 - 11.255.255.255
            CIDR:           11.0.0.0/8
            OriginAS:       
            NetName:        DODIIS
            NetHandle:      NET-11-0-0-0-1
            Parent:         
            NetType:        Direct Allocation
            RegDate:        1984-01-19
            Updated:        2007-08-22
            Ref:            http://whois.arin.net/rest/net/NET-11-0-0-0-1
            

            Are you sitting at DoD information center? God Save The Queen if so.  ;D ::) The other IPs belong to Xerox, some Japanese co., etc. etc. etc.

            There are 10/8, 172.16/12 and 192.168/16 ranges (RFC1918) for this purpose. Go get a clue.

            thank you for this information >>>
            i changed all modems ips to 192.168.201.138 , 192.168.202.138 till 192.168.206.138
            and lan interface to 172.16.14.1
            no one answer me till now how to access modem " 192.168.201.138" from pfsense lan
            any answer

            1 Reply Last reply Reply Quote 0
            • johnpozJ
              johnpoz LAYER 8 Global Moderator
              last edited by

              And did you create outbound nat to use that interface to get to 192.168.201.138?  You mention you put the modems in "bridge" mode – then why do you even need to access them?  You should set your interface connected to that modem to dhcp and get a public IP..

              So this VM you have -- has 7 physical nics connected each one of these VM interfaces in pfsense to your modems?  Are you trying to do this over vlans?

              What are these modem devices?  Can you post a model number please - and again draw out this network on how this stuff is connected.  The documentation already goes over how to connect to your modem - which is about PPPoE connections btw, not PPTP?  Which to me makes no sense if they are in bridge mode why you are coming up with static IPs on your interfaces..

              I would love to help you but this seems like one big giant mess to me..  I have to think its just basic concepts your not getting if you put public IP space like that for your "modems" ???

              An intelligent man is sometimes forced to be drunk to spend time with his fools
              If you get confused: Listen to the Music Play
              Please don't Chat/PM me for help, unless mod related
              SG-4860 24.11 | Lab VMs 2.7.2, 24.11

              1 Reply Last reply Reply Quote 0
              • A
                ahmedfac
                last edited by

                @johnpoz:

                And did you create outbound nat to use that interface to get to 192.168.201.138?  You mention you put the modems in "bridge" mode – then why do you even need to access them?  You should set your interface connected to that modem to dhcp and get a public IP..

                So this VM you have -- has 7 physical nics connected each one of these VM interfaces in pfsense to your modems?  Are you trying to do this over vlans?

                What are these modem devices?  Can you post a model number please - and again draw out this network on how this stuff is connected.  The documentation already goes over how to connect to your modem - which is about PPPoE connections btw, not PPTP?  Which to me makes no sense if they are in bridge mode why you are coming up with static IPs on your interfaces..

                I would love to help you but this seems like one big giant mess to me..  I have to think its just basic concepts your not getting if you put public IP space like that for your "modems" ???

                yes i  create outbound nat to use interface to get to 192.168.201.138 without success >> when using 2.0.3 i can access it but i want 2.1.1 because pptp connect automatic without needing manual connect as 2.0.3

                why do you even need to access them?
                in order to look at  Data Rate some times it down to 4Mbps and i have to call internet company to increase it again to 10Mbps

                So this VM you have – has 7 physical nics connected each one of these VM interfaces in pfsense to your modems?  Are you trying to do this over vlans?

                no i have one nic , physical switch, esxi vm switch and all connected without  vlans

                What are these modem devices?  Can you post a model number please - and again draw out this network on how this stuff is connected.  The documentation already goes over how to connect to your modem - which is about PPPoE connections btw, not PPTP?  Which to me makes no sense if they are in bridge mode why you are coming up with static IPs on your interfaces..

                modem speedtouch 585 v6 thomson
                pptp is just like pppoe and when i create my configuration as The documentation it works with 2.0.3 the problem with 2.1.1

                Dashboard.jpg
                Dashboard.jpg_thumb

                1 Reply Last reply Reply Quote 0
                • E
                  Elludium_Q-36
                  last edited by

                  I'm having what seems to be the same issue.

                  In my case I have multiple routers with OpenWRT, DD-WRT and stock Linksys firmware, and several OPTx ethernet interfaces.

                  I can ping them from: Diagnostics -> Ping.

                  My build:

                  2.1-RELEASE  (i386)
                  built on Wed Sep 11 18:16:22 EDT 2013

                  FreeBSD 8.3-RELEASE-p11

                  I've tried manual outbound NAT, plugged them into OPTx interfaces, allowed RFC 1918 networks.

                  I use my gateway router to connect to a Windows Mobile phone via MicroSoft's crappy RNDIS protocol.  It frequently disconnects, so being able to hit the graphical "connect" button is essential.

                  I'm on 192.168.x.x internal IPs, nothing owned by the U.S. D.O.D.so it's not a scenario out of the 1983 movie, Wargames:

                  Joshua: Shall we play a game?

                  David Lightman: Oh!

                  Jennifer: [giggles] I think it missed him.

                  David Lightman: Yeah. Weird isn't it?

                  Jennifer: Yeah.

                  David Lightman: [typing] Love to. How about Global Thermonuclear War?

                  Joshua: Wouldn't you prefer a nice game of chess?

                  [Jennifer laughs]

                  David Lightman: [typing] Later. Let's play Global Thermonuclear War.

                  Joshua: Fine.
                  http://www.imdb.com/title/tt0086567/quotes?item=qt0453835

                  1 Reply Last reply Reply Quote 0
                  • A
                    ahmedfac
                    last edited by

                    Elludium

                    I've tried manual outbound NAT, plugged them into OPTx interfaces, allowed RFC 1918 networks

                    did you success ?

                    if you success … can you post your outbound nat config with photo if u can

                    1 Reply Last reply Reply Quote 0
                    • E
                      Elludium_Q-36
                      last edited by

                      What we got here is… failure to communicate.

                      http://www.imdb.com/title/tt0061512/quotes?item=qt0303192

                      First, there may be a bit of a language issue.  It seems ahmedfac may have English as a Second Language.  Then there is the language of pfSense…

                      I suspect that Ahmed didn't want to release the IP addresses, as they are masked/painted over on the screen shots.  SOME information should not be shared, like the XML file which contains unencrypted, plaintext passwords, etcetera, but some info is useful to those trying to help.

                      Obviously the pfSense box is not allowing communication with the webGUIs of the router/modems in question.

                      I an NOT the one to ask, Ahmed.  I am here with the same issue.  I assume johnpoz & doktornotor are more informed, and seem to have offered help.  I joined this thread, as it's generally good forum etiquitte to not clog boards with multiple threads for the same issue.

                      I've looked Here: Use an existing wireless router with pfSense, AND here: Accessing modem from inside firewall, but haven't able to get it done.

                      Let's not forget that not all of us know BSD commands, the pfSense interface.  Not all are 1337 firewall admins.  I'm coming over from Ubuntu Linux.  In order for me to dump my linux desktop, in my situation, I need to get my pfSense box fully working for me, with either a FreeNAS or a NAS4Free box on an OPTx interface.  It might help to clarify what info is requested, and how it's obtained.

                      For example you can go to:

                      Diagnostics -> Command Prompt,

                      or, assuming default pfSense WebGUI IP,

                      http://192.168.1.1/exec.php

                      and issue

                      netstat -r
                      

                      Of course the GUI gives that info:

                      Diagnostics -> Routes

                      - OR -

                      http://192.168.1.1/diag_routes.php

                      Myself, I woudn't have included screenshots, unless what I posted was seriously in doubt.

                      No, Ahmed, I do NOT have the answer.  I would have offered it up, if I had something.

                      1 Reply Last reply Reply Quote 0
                      • A
                        ahmedfac
                        last edited by

                        sorry Elludium
                        it is my bad english  language
                        thank you for replay
                        i think it is easy to access modem but it look hard as i can not get answer here
                        i still waiting for answer

                        1 Reply Last reply Reply Quote 0
                        • E
                          Elludium_Q-36
                          last edited by

                          Well, as the others mentioned, your configuration is very "busy".  Or, as johnpoz wrote:
                          @johnpoz:

                          …this seems like one big giant mess to me.

                          For my present configuration, I have no problem doing:

                          Diagnostics -> Factory Defaults

                          - OR -

                          http://192.168.1.1/diag_defaults.php

                          Which brings up:

                          Diagnostics: Factory defaults help

                          • If you click "Yes", the firewall will:
                            Reset to factory defaults
                            LAN IP address will be reset to 192.168.1.1
                            System will be configured as a DHCP server on the default LAN interface
                            Reboot after changes are installed
                            WAN interface will be set to obtain an address automatically from a DHCP server
                            webConfigurator admin username will be reset to 'admin'
                            webConfigurator admin password will be reset to 'pfsense'
                          • Are you sure you want to proceed?

                          That is, if I thought it would help.

                          The others may be busy themselves, as it's the middle of the work day in North America and many are just winding down from work, in Western Europe.

                          I have a question.  Did you put public IP addresses on your router's LAN and the pfSense WAN and OPT WAN interfaces, so that you would be able to log onto the routers' GUI interfaces, just as a public website?

                          1 Reply Last reply Reply Quote 0
                          • J
                            joako
                            last edited by

                            Speedtouch PPPoA-to-PPTP Bridge wow I have not seen or written those words in a long time. The default IP of the modem is actually 10.10.10.138 or see the manual for "ping of life"  procedure but don't use the 11.11.11.138 address! I think you can put them all in the same subnet. Once you have the correct subnet you will have to uncheck "block private networks" under the modem's interface.

                            1 Reply Last reply Reply Quote 0
                            • First post
                              Last post
                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.