Access modem / gateway webGUI which is "down" to fix internet connectivity
-
LAN: 10.200.0.1/24
WAN1: 192.168.1.254
WAN2: 10.0.0.1For now, these WAN1 and WAN2 links are standard domestic ADSL modem/routers in router mode (I'll switch them in to bridge mode at a later point, but for now I'm trying to get this problem solved).
Without any multi-wan configuration I can access the webGUI of WAN1 by going to http://192.168.1.254 in a browser connected to the LAN side of pfSense. As you'd expect, I can access this modem webGUI whether or not the DSL line is working. This is great because I can make config changes or at least start to diagnose any connectivity problems.
Once I enable multi-wan configuration everything works fine as long as the WAN1 gateway is marked as UP. However, once WAN1 goes down I can no-longer access the webGUI via the LAN (which is frustrating because it's generally when the gateway is down that I would want to access the webGUI to start diagnosing issues). My only option to regain access to the WAN1 webGUI is to disable the WAN2 interface within pfSense. Once WAN2 is disabled (I guess this disabled all multi-wan features) I can once again access the WAN1 webGUI.
I have noticed that when WAN1 gateway is down I can still ping the modem from pfSense itself, but I cannot ping the modem from the LAN side.
Any idea what is going on? How can I force this traffic to go via WAN1 even though the WAN1 gateway is down?
Thanks!
-
This might be a dumb question but why don't you just access the WebGUI at 10.200.0.1?
-
Sorry I wasn't clearer. I'm trying to access the GUIs of the modems, not pfsense itself.
-
This can probably be done with a policy-routing rule directing traffic to the specific modem out the specific WAN interface placed above the one that routes traffic to the gateway group.
-
I think I have tried this, but because the gateway will be marked as down the rule will either be applied without the gateway being considered, or the rule will be skipped all together.
I think that once the gateway is marked as down, pfSense is avoiding sending any LAN traffic via that gateway. It's just strange that I can ping the modems from pfSense itself, just not from the LAN side…
-
You might have to originate traffic from the firewall to make this happen. I don't see any of the options for gateway down rules helping matters.
If your modem is on 192.168.100.1 try this:
ssh -L 8080:192.168.100.1:80 root@pfsense_lan_ip
Log in, then open a web browser to: 127.0.0.1:8080
That might work. There is probably a better way but that comes to mind.
I think putty has the same option but I don't know where it is.
-
Ah, perfect. I managed to follow tutorials on how to get Local Port Forwarding to work in Putty on Windows and it worked a treat.
Thanks for the tip
