Modem GUI/SSH access stops when pfsence has active PPPOE connection.
-
Its an echolife issue.
On your wan setting under service list , just bind it to lan1 not to both (which is the case if you have them both unchecked.
Have the other lan also plugged in on same lan (or vlan) like lan1 lan2 and pf wan port
http://prntscr.com/m0cxuf -
@netblues
I guess You are talking about 2 cable configuration here. If both ticks are unchecked it lets You use only one cable and get internet as well as GUI access. See this:
https://forum.kitz.co.uk/index.php?topic=17671.0
This worked perfectly on tomato router but refuses to work on pfsense when PPPOE link is made.
Putting a tick in to LAN1 binding lets only PPPOE traffic go through. GUI will not work on LAN1. It will be accessible on LAN2 only. Which is not an issue if it would work. I have done what you suggested. Tick on LAN1 and put 2nd cable to my pfsense with another interface created on that port. Same thing. I can access GUI until PPPOE connection is made. -
@girtsj 2nd cable on the same physical pfsense lan via a simple switch?
I have this working with a linux pppoe (centos) and works.I doubt pf is any different accesing hg612.
-
@netblues must be something in settings.. If I plug in 2nd cable to LAN switch there is no access. But then if I manually change IP on my PC adapter properties to 192.168.3.2 (modem is 192.168.3.1) I can access the modem GUI. But then I have no access to internet and pfsense as it bypasses its lan (192.168.1.0).. any ideas? Maybe virtual IP?
-
@girtsj
Hey
Show the rules on the Lan interface
I have a hunch you're redirecting traffic through the openvpn tunnel . -
@konstanti here:
Rule 1 from top forwards certain sites to VPN as some are blocked in UK.
Rule 2 forwards my synology nas to VPN.
Rule 3 forwards the rest of LAN to wan gateway so it dont go to VPN. -
@girtsj
1 NAT not needed
2 create a rule after the first
source 192.168.1.0 / 24 destination 192.168.3.0 / 24 and default gateway
For example
-
@konstanti like this?
Still no dice.. -
@girtsj
I don't see the ModemAccess interface in the picture -
@konstanti sorry disabled it
still a no-go -
@girtsj said in Modem GUI/SSH access stops when pfsence has active PPPOE connection.:
still a no-go
Diagnostics/ Packet Capture
Interface ModemAccess
Show me the result of the packet capture.
And Huawei IP route table -
I'm sorry, I think NAT needs
Another option is to change the IP address of the modem, for example, 192.168.1.55/32 with default gateway 192.168.1.1 (don't know which gateway address). And plug the cable from the modem into the network switch . And test the connection -
@konstanti thought that without nat rule it won't work.
Will give this a go. -
I really don't get it.. Huawei PPPOE connection is binded to LAN1 port on modem. GUI access is through LAN2. MODEMACCESS interface on pfsense is on different port than WAN. It all works:
22:12:45.552442 IP 192.168.3.2.55771 > 192.168.3.1.80: tcp 0
22:12:45.552885 IP 192.168.3.1.80 > 192.168.3.2.55771: tcp 0
22:12:45.553547 IP 192.168.3.2.55771 > 192.168.3.1.80: tcp 0
22:12:45.554795 IP 192.168.3.2.55771 > 192.168.3.1.80: tcp 610
22:12:45.555131 IP 192.168.3.1.80 > 192.168.3.2.55771: tcp 0
22:12:45.557256 IP 192.168.3.1.80 > 192.168.3.2.55771: tcp 112
22:12:45.557630 IP 192.168.3.1.80 > 192.168.3.2.55771: tcp 434
22:12:45.557918 IP 192.168.3.2.55771 > 192.168.3.1.80: tcp 0
22:12:45.558918 IP 192.168.3.2.55771 > 192.168.3.1.80: tcp 0
22:12:45.559042 IP 192.168.3.2.55771 > 192.168.3.1.80: tcp 0
22:12:45.560042 IP 192.168.3.2.55771 > 192.168.3.1.80: tcp 0
22:12:45.560417 IP 192.168.3.2.55771 > 192.168.3.1.80: tcp 0
22:12:45.560541 IP 192.168.3.2.55771 > 192.168.3.1.80: tcp 0
22:12:45.560628 IP 192.168.3.1.80 > 192.168.3.2.55771: tcp 0
22:12:45.867621 IP 192.168.3.2.31225 > 192.168.3.1.80: tcp 0
22:12:45.867862 IP 192.168.3.2.7015 > 192.168.3.1.80: tcp 0
22:12:45.868066 IP 192.168.3.1.80 > 192.168.3.2.31225: tcp 0
22:12:45.868191 IP 192.168.3.1.80 > 192.168.3.2.7015: tcp 0
22:12:45.868360 IP 192.168.3.2.31296 > 192.168.3.1.80: tcp 0
22:12:45.868690 IP 192.168.3.1.80 > 192.168.3.2.31296: tcp 0
22:12:45.868861 IP 192.168.3.2.34624 > 192.168.3.1.80: tcp 0Until i log into PPPOE. It all goes dead..
-
@girtsj You can download capture ?
I need a file packetcapture.cap -
@konstanti here You go. Just rename extension to .cap. Can't upload otherwise. This is with PPPOE inactive by the way.
0_1546208810275_packetcapture.txt -
@girtsj
When is active ?
I so understand that now access to the modem is possible ? -
@konstanti no. access is not working when pppoe session is live. cap file was generated when pppoe was inactive. I changed to wrong password so it cant log in to my ISP.
-
@girtsj
and you can get a cap file when pppoe is active ?? -
@konstanti here You go
0_1546210937815_packetcapture.zip