Cable modem access
-
Hi everyone!
I have one of those cable modems that pass me a public IP via DHCP on the pfsense WAN interface and
also keep up a management/status interface listening on 192.168.100.1.
I've managed to access the modem interface through the manual provided here:
https://doc.pfsense.org/index.php/Accessing_modem_from_inside_firewall (the 2.0 part on the bottom).Now, most of the time I'm using pfsense to connect to an OpenVPN server, during which I cannot access
the modem status interface. What do I need to do so I can access the status interface even when I'm connected
to another VPN server?Kind Regards,
SnakeZZ
-
How about just disconnect from the vpn as a simple solution.. What is exactly on this modem status page that you need to keep checking? ;) My cable modem is on 192.168.100.1 as well - and I can see a log you can see your signal levels, etc.
Just not sure why you would need to look at these unless there was some sort of problem with your internet connection.. I would think one of first things you would do if having a internet connection problem is disconnect from the vpn ;)
That being said - I assume you have some sort of policy routing in place to have clients use the vpn connection that pfsense has - so ie pointing them to your gateway that is the vpn. You would need to put in a rule above that allows for routing to 192.168.100 via pfsense normal routing vs sending the traffic down the vpn.
-
Yeah, yeah, totally true… disconnecting would be the easiest way ;-)
That being said... I'd like to learn and understand that from a scientific curiosity point-of-view ;-)
Would the policy routing go through the DHCP gateway (Currently I have two: The DHCP one and the VPN one) - which would be the DHCP-aquired public ip address or would I need to create an entirely new gateway just for that private netblock between pfsense and the modem (I've tried the latter and it didn't work)?!?Kind Regards,
SnakeZZ
-
Can you post your lan rules on pfsense where your telling your lan clients to use your vpn connection?
So you created a VIP on your wan interface in the 192.168.100.0/x network – and then created a outbound nat rule?
I can access my modems config without doing anything special on pfsense.. I have a dhcp address on my pfsense wan 24.13.x.x connected to my cable modem.. But if I go to 192.168.100.1 on my client my modemstatus page comes up without having to do anything in pfsense with vip or nats or anything.
But if you created a vip on your wan, and then and outbound nat.. For that to be working you have to be using pfsense routing - if you put a specific GATEWAY in your lan rules - see attached for my lan rules. See how gateway is *.. So if I want to talk to say my wlan or dmz then pfsense just uses its local routing table to get there.
If you put in a specific gateway, this over rides the use of pfsense routing table.. Unless you put a rule above that that allows the traffic to whatever locally you want to allow - like 192.168.100 network off your wan via a VIP.
Or - not quite sure, are you talking on a PC (something behind pfsense) using its dhcp interface or a vpn client your running on that device.. The way I read it your using pfsense as the connection to your vpn and routing all machines behind pfsense through the vpn connection.