IP Alias on DHCP'd interface
-
Hi,
I have a WAN interface connected to a cable modem, which uses DHCP.
I wanted to add an ip alias to that interface - 192.168.100.x - to be able to access the admin interface of the modem.
This worked fine under normal circumstances, but I found if the connection went down and the interface lost the WAN IP via DHCP, it seemed as if it added the ip alias first and that became the primary ip - so when the WAN IP came back via DHCP, they were the wrong way round.
Is there any way round this?
Currently i've had to resort to only adding the alias when I actually want to access the modem interface, and removing it again afterwards.
Thanks,
Ian
-
I'm a bit confused here. Why exactly do you need to define an IP alias just to access the modem's admin page?
-
because it's on 192.168.100.1 - but my WAN2 interface, when the connection is up and it's done DHCP, has my internet-routable IP, eg: 81.xxx.xxx.xxx.
So I defined an IP Alias of 192.168.100.10, which worked nicely, other than it betting made the primary ip and breaking things when the connection went down and came back again.
-
because it's on 192.168.100.1
Why can't you reach it by using its IP address? Maybe a quick & dirty network diagram would help.
IP aliases allow one of your pfSense NICs to assume another IP address. This is typically used in conjunction with NAT port forwards. You do not use them to assign an IP address that's already in use by another device on the network.
-
The modem's IP is 192.168.100.1.
But on pfsense that interface has the internet-routable IP.
In normal operation, the modem is invisible. But sometimes it's useful to see it's admin interface.
Assigning an ip alias of 192.168.100.10 (which is different to .1 so not in use?!) works fine - other than the ordering bug I described.
Diagram:
Virgin Media <–coax--> Cable Modem (192.168.10.1) <--ethernet--> pfsense: igb2 - (81.123.123.20 via DHCP / 192.168.100.10)
-
Where's WAN2 in this mix?
-
igb2 is WAN2
-
Could you fill in the blanks or correct me if I have this wrong?
-
No, sorry! - it looks like this!
There is of course a WAN1, and lots of LAN VLAN interfaces, but that's not relevant here.
![Screen Shot 2017-01-26 at 19.08.16.png](/public/imported_attachments/1/Screen Shot 2017-01-26 at 19.08.16.png)
![Screen Shot 2017-01-26 at 19.08.16.png_thumb](/public/imported_attachments/1/Screen Shot 2017-01-26 at 19.08.16.png_thumb) -
OK now I understand but unfortunately I don't have a solution for you other than to manually assign a VIP when you need to access the modem admin page, which have already thought of.