Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Reroute or NAT

    NAT
    4
    10
    1347
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Qinn
      Qinn last edited by

      Hi there I have a piece of hardware that has a hard coded ip for the firmware updates, so I cannot change it and it seems the firmware server has changed a few years back. So I think the following might work…

      iptables -t nat -A PREROUTING -d xxx.xxx.xxx.xxx -p tcp -j DNAT --to-destination yyy.yyy.yyy.yyyy

      , but I don't know how to do this using pfsense,  thanks for any help or pointers or any other advise.

      Cheers Qinn

      1 Reply Last reply Reply Quote 0
      • johnpoz
        johnpoz LAYER 8 Global Moderator last edited by

        huh??  What sort of moronic company would hard code an IP for firmware updates?

        Can you not locally load the firmware?

        What hardware is this exactly?  But sure you can do a port forward forward to accomplish what you want.. But just seems moronic that any company would do such a thing??  Have you contacted this company about it?

        1 Reply Last reply Reply Quote 0
        • Qinn
          Qinn last edited by

          Thanks for the quick reply  :)

          @johnpoz:

          huh??  What sort of moronic company would hard code an IP for firmware updates?

          It's a Vonets VAR11N-300 and yes it's moronic company, but that's the way it is http://www.vonets.com/serviceView.asp?D_ID=123

          @johnpoz:

          Can you not locally load the firmware?

          Nope, there are no open ports only 80 (webserver) and pusing the upgrade button is the only way. Second best option is to remove the casing and connect directly to the print, which is my last resort.

          @johnpoz:

          What hardware is this exactly?  But sure you can do a port forward forward to accomplish what you want.. But just seems moronic that any company would do such a thing??  Have you contacted this company about it?

          It's being used as a wireless bridge for a Dreambox and they are a Chinese company :(, see link above, so not much hope there.

          1 Reply Last reply Reply Quote 0
          • johnpoz
            johnpoz LAYER 8 Global Moderator last edited by

            I don't see anywhere in that link where it says its a hardcoded IP that its looking for??

            Just shows you how to connect to it and click the upgrade button.  So how did you determine what the IP it is looking for, and what is the new ip it needs to be sent too?

            1 Reply Last reply Reply Quote 0
            • Qinn
              Qinn last edited by

              @johnpoz:

              I don't see anywhere in that link where it says its a hardcoded IP that its looking for??

              Just shows you how to connect to it and click the upgrade button.  So how did you determine what the IP it is looking for, and what is the new ip it needs to be sent too?

              Yes and a conformation http://bbs.vonets.com/forum.php?mod=viewthread&tid=16845&extra=page%3D1&page=2

              1 Reply Last reply Reply Quote 0
              • johnpoz
                johnpoz LAYER 8 Global Moderator last edited by

                Wow..  So yes this 121.201.111.2 answers on 80.. Get the default II7 page.. Just Fing wow!!!

                You want to use this hardware why???

                But sure you can do a redirect from that OLD IP if that is what your box is asking for.. 211.154.131.164 to the above one

                Here.. Make sure you use LAN or whatever interface you have this connected to on pfsense..  You can then go to the OLD IP in your browser and get sent to the new IP on 80..

                Hope that helps.. Is quite possible could be using some other port than 80, but doubt it.. you could always sniff on pfsense when you click the update button and see exactly what its trying to do and go.


                1 Reply Last reply Reply Quote 0
                • Qinn
                  Qinn last edited by

                  @johnpoz:

                  Wow..  So yes this 121.201.111.2 answers on 80.. Get the default II7 page.. Just Fing wow!!!

                  You want to use this hardware why???

                  But sure you can do a redirect from that OLD IP if that is what your box is asking for.. 211.154.131.164 to the above one

                  Here.. Make sure you use LAN or whatever interface you have this connected to on pfsense..  You can then go to the OLD IP in your browser and get sent to the new IP on 80..

                  Hope that helps.. Is quite possible could be using some other port than 80, but doubt it.. you could always sniff on pfsense when you click the update button and see exactly what its trying to do and go.

                  Thanks for your help and time so far, I tried the rule, but no updates so far. So I tried Wireshark to analyze the data outgoing from the Vonets, but I get too much info (or my knowledge of Wireshark is to low). Is there an easy way using pfS to see whats happeing, the moment I press upgrade? You hinted at that?

                  1 Reply Last reply Reply Quote 0
                  • johnpoz
                    johnpoz LAYER 8 Global Moderator last edited by

                    do the sniff on pfsense on the lan or interface your device is connected to and put in its IP as the source.  Then download that so you can open in wireshark.. Post up this wireshark sniff and I can take a look to where its trying to go.

                    Did you validate that the site works via calling up the IP in your browser and getting that IIS7 default page I showed?

                    The wireshark sniff will show us exactly what its trying to do, maybe its trying to go to a different IP?  Or use a different port, etc.

                    1 Reply Last reply Reply Quote 0
                    • D
                      doktornotor Banned last edited by

                      RMA this shit. Problem solved.

                      1 Reply Last reply Reply Quote 0
                      • JKnott
                        JKnott last edited by

                        I guess they need to provide a firmware update, with the new address.  ;)

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post

                        Products

                        • Platform Overview
                        • TNSR
                        • pfSense
                        • Appliances

                        Services

                        • Training
                        • Professional Services

                        Support

                        • Subscription Plans
                        • Contact Support
                        • Product Lifecycle
                        • Documentation

                        News

                        • Media Coverage
                        • Press
                        • Events

                        Resources

                        • Blog
                        • FAQ
                        • Find a Partner
                        • Resource Library
                        • Security Information

                        Company

                        • About Us
                        • Careers
                        • Partners
                        • Contact Us
                        • Legal
                        Our Mission

                        We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

                        Subscribe to our Newsletter

                        Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

                        © 2021 Rubicon Communications, LLC | Privacy Policy