Access modem on wan from lan on pfsense 2.2 rc
-
visio, paint, crayon and napkin that you take picture of with your phone.. Some sort of diagram that shows your connection. As I said before it would be RARE that you would ever use a bridge.. There just really is not reason for it these days.
Only time I would think you might do it is when different media types - say you had a fiber card in pfsense and you wanted this fiber network to be on the same network as your normal copper network. In that case you might leverage pfsense to bridge your fiber network to your copper network.
But it would not be best choice - best choice would be to add a fiber connection to your switch where your copper is, etc.
I really can not think of when it would be good idea to bridge vs use a switch to be honest.
Did you get your other modem working. If not I can TV in again and fix it up.
-
i got other modem working once i looked at what you did (and namely the firewall rule that you added). i'm a bit new to pfsense, closest thing i've used to it before would be dd-wrt but that's miles behind what pfsense can do
(links because forum <br />here's images of setup: https://i.imgur.com/xMenQdj.jpg | https://i.imgur.com/ZDlTEkT.jpg<br /><br />and here's a dia drawing to follow along with: https://i.imgur.com/IY8VJSx.png)
-
Yeah that setup makes no sense.. If you want to leave your AP connected, I would put it on its own segment so you can firewall your wifi from the rest of the network. Your sending all your broadcast/multicast traffic out your wifi for no point. And you have no security between wifi and your wired unless your wanting to to be transparent?
If you want it on the same broadcast domain then just plug it into the switch.
As to the deca, again pointless to bridge it to your lan. Why not put that on its own segment as well if you want to have better setup and you have the interfaces.. It is only 100mbps connection as well - what does it talk to on your network? If it does talk to stuff on your network then just connect it to your switch.
You could use a bridge if you wanted to have a transparent firewall between devices on each side of the bridge.. But in your setup I would break put those on their own segments wireless and wired. As to the deca, not sure what use there is of putting that on same segment as your lan or wifi - from my understand it only uses that ethernet connection for internet.
"With DECA coax networking, the DVRs only use your home network for internet access"
So that really should just be on its own segment, bridging it to your network would only slow down your other networks.
So you could still leverage your nics on your pfsense, but just segment your 3 networks.. So you would have LAN network, say 10.0.0/24 and your modem networks (10.0.1,2/24) and then your deca could be 10.0.4/24 and your wifi could be 10.0.5/24 – this gives you easy to mange filewall controls and 3 different broadcast domains to keep the broadcast and multicast noise off those other networks.
-
reason it's all the same is because any device on any of the three networks has to be able to talk to any device on any other network (for instance remote monitoring of applications on wifi devices from a wired desktop. i'm not sure exactly what all the deca bridge does, supposedly it's supposed to allow devices on the network to stream from it, but i've not had much luck with that (also not had the best of luck keeping the receiver from locking up, and that's after updating it). i'll probably stuff everything on the switch once i build a smaller computer that will sit where the ap is now and get some shorter cords so it's less of a mess.
-
"reason it's all the same is because any device on any of the three networks has to be able to talk to any device on any other network"
Then they should all be connected to switch, your bridge is not buying you anything but slower connectivity. My wifi devices can talk to my wired devices - but I have them on 2 segments because my wifi devices sure an the hell don't need to see my wired networks broadcast or multicast traffic.
Everything I read about the deca stuff is your whole home dvr stuff is on the coax network.. The ethernet is just for internet.. What equipment do you have, I am directv user for example - both of my dvrs are on network just from from connection on the back of them. To stream recorded shows to your mobile I do believe you need genie to go.. I don't have genie yet - but I can watch recorded shows from my dvrs on my PC and they are not on the same network segment, etc.
-
yeah, i have the genie, got it as a free upgrade for "moving" after a house fire late last year, eventhough new house is on the same plot of land, just a different area, but i'm not gonna argue with that logic if it means i get free premium stuff.
-
Same here, anybody had any success accesing modem gui?
-
Same here, anybody had any success accesing modem gui?
Works just fine here - see below (modem on 192.168.255.1)
-
My modem is on bridge mode, im not using ppoe, can i use this adding 2nd interface method?
-
My modem is on bridge mode as well… Not sure how's PPPoE related here. This is using a dedicated NIC on pfS with cable plugged to modem's LAN port. This will work as long as your modem has some LAN IP address outside your normal LAN subnet defined on pfSense. If it has none, well then there's nothing to access.
-
Ok yes now i got the idea, yes with one extra nic physically connected to the modem, fixed ip on the modem's subnet you can access it
But i was thinking on the original idea of one virtual ip and the outbound nat rule involving this virtual ip you dont need the extra nic. In fact i had this configuration in 2.0 and it was working ok, but now i cannot get it to work again. Thanks doktornotor
-
Are you referring to this? https://doc.pfsense.org/index.php/Accessing_modem_from_inside_firewall
I don't think that howto is intended for bridged modem setup at all (the NAT just makes no sense for this setup.) As for extra NIC, well… not really needed if using PPPoE, you could recycle WAN for that - but, first of all, that sounds like a hack to me, plus - this NIC is onboard POS unused for anything since it sucks badly.
-
This post is deleted!
