Cannot access bridged modem web interface
-
I have followed this guide to try and access my bridged modems web interface within my LAN:
http://wiki.m0n0.ch/wikka.php?wakka=AccessingModemOutsideFirewall
Some of the NAT settings are different in pfsense, ie. the NAT 'TARGET' IP and some other bits.
My bridged modem has IP 10.10.10.1 (this can be accessed ok if i directly connect a PC to it)
My LAN is on 192.168.1.0/24
What kind of NAT / RULES settings do i need for it to work?
-
Here's a thread with a different approach. Used it myself previously.
http://forum.pfsense.org/index.php/topic,5727.0.html -
MODEM = 10.10.10.1/24
LAN = 192.168.1.254/24
WAN = 76.X.X.X
pkg_add -r redir
I've managed to get redir installed, this bits okifconfig fxp0 10.10.0.2/24
fxp0 is my WAN NIC, however, because its in bridge mode it is using my ISPs static public IP.
If i rename my WAN NIC to a IP what is on my modems subnet, I obviously will lose
connection to the internet, so instead i made a alias like this:ifconfig fxp0 10.10.0.2/24 alias
redir –lport 8989 --cport 80 --caddr 10.10.10.1 &
I can now access the pfsense configuration page using 192.168.1.254 and i can access my modems configuration page using 192.168.1.254:8989,
when i click on google, the first time i click, firefox waits... then the second time i click it comes up, its the same with every website i visit, sometimes you need to click them lots of times before the page appears. If i remove this alias: ifconfig fxp0 10.10.0.2/24 alias everything is back to normal, however i obviously cannot access my modems config page again. Do i need some other kind of setting to stop pfsense routing internet traffic through my modems subnet? -
Your WAN is on the same subnet as your LAN.
Except for some rare occasions you don't want to do this!How does the modem connect to your ISP and where did you enter user/password (modem or pfSense)?
By now you described your network as:
(IP 76.x.x.x) modem (10.10.10.1/24) –- (WAN 192.168.1.254/??) pfSense (LAN 192.168.1.??/24)If your modem is in bridge mode then you should enter your user/password at pfSense WAN settings and your public IP should be on that interface then.
Usually through DHCP request from your ISP.
But you are going to tell me... -
How does the modem connect to your ISP and where did you enter user/password (modem or pfSense)?
My ISP is O2 Broadband in the UK, its ADSL2+ / EthoA. I dont need a username or password to connect, i just put in the static public IP and gateway on the pfsense WAN interface and it connects!
My network is actually configured like this, i showed wrong information before!
modem (10.10.10.1/24) –- (WAN IP 76.x.x.x) pfSense (LAN 192.168.1.254/24)
-
pkg_add -r redir ifconfig [i]fxp0[/i] 10.10.10.2/24 redir --lport 7654 --cport 80 --caddr 10.10.10.1 &In this example 'fxp0' is the real WAN interface (on which pfSense runs PPPoE).
In the example it gets an IP address (10.10.10.2/24) from the modem's subnet (10.10.10.0/24) assigned and
redir puts a Proxy on port 7654 of the pfSense and forwards it to the modem on port 80
You can access the modem by connecting to any of the pfSense's addresses (e.g. LAN) on port 7654 and get redirected to the modem's WEBGUI.That should do it in your address space.
Don't forget to replace the WAN interface (fxp0 in this example) with your actual interface, found at: Interfaces: Assign
Use the entry in the WAN drop down box left hand side from the bracketed MAC address. -
fxp0 = WAN NIC on pfSense box = 76.X.X.X (My ISP public static IP)
pkg_add -r redir
^^ this installs redir okifconfig fxp0 10.10.10.2/24
^^ My WAN interface has been given my ISPs public static IP, my internet connection will be lost if i do the above? Should i be making a alias instead?redir –lport 7654 --cport 80 --caddr 10.10.10.1 &
^^ Sure I can access my modems config page like this, however there will be no internet connection because my WAN interface IP will now be 10.10.10.2/24 and it should be my public IP 76.X.X.X so i can access the internet? -
Your WAN IF gets an additional address from the modem's subnet.
Check it out. -
BEFORE WAN/fxpo = 76.X.X.X = ISP public IP = what is required for internet connection
ifconfig fxp0 10.10.10.2/24
^^ my WAN interface gets this address what is from my modems subnet, this removes my static public IP what is required for internet connection. Seems like you can only have internet access or modem access, not both at the same time!
-
You just need AON.
-
Have the same problem as dustybin - cannot telnet to bridged modem behind pfSense.
Important: my ISP doen't use PPPoE or PPTP, so my WAN interface is just static public IP, let say 84.x.x.x.Picture showing complete network configuration is in the attachment.
So obviously to access modem management interface (192.168.1.1), I have to assign two IPs on WAN interface of pfSense: public (84.x.x.x) and the one from modem's subnet (f.e. 192.168.1.2).
If I go straightforward and assign 192.168.1.2 as IP alias:
ifconfig rl1 192.168.1.2/24 aliasthen I run into the same problems as were described by dustybin:
…when i click on google, the first time i click, firefox waits... then the second time i click it comes up, its the same with every website i visit, sometimes you need to click them lots of times before the page appears.I've played around Virtual IPs instead ifconfig alias, however had no success at all.
I'm using AON, as suggested by ermal, however, I believe it will not solve the problem itself, as you will need two IPs on single WAN interface anyway, and this is the main problem.
Any help will be greatly appreciated.
