Managing WAN side modems from LAN network

idkpmiller

I have two WAN connections.

WAN => Cable Modem
DSL (OPT1) => DSL router

Both ineternet connections are working fine.

My issue is that from devices on the LAN network I need to be able to use ICMP, SNMP and HTTP to manage the devices. I cannot seem to get this to work.

For the WAN connection there is an added complication that the Cable modem acts as a bridge meaning that my WAN interface on pfsense has a public IP address, the cable modem has a 192.168.100.1 Management IP address. in my previous firewall setup I accomplished this by adding a secondary IP to the WAN interface which I set to 192.168.100.2 and performed NAT on LAN sourced traffic with a destination of 192.168.100.1 using the address of 192.168.100.2 as the source NAT address. I can't seem to add secondary IP addresses to pfsense.

Second problem.
With the DSL connection I have a number of devices between the PFsense DSL interface and the DSL gateway which are all on the same subnet which is a RFC1918 address block. I do not have blocking of RFC1918 on this interface. I once again would like to NAT any traffic destined for the 192.168.1.0/24 network which was sourced from the LAN network using the DSL interface address of 192.168.1.2 so that all devices would be able to respond back to a device on their subnet (no addition of static routes needed. I cant seem to get this to work.

Any help appreciated.

Thanks

GruensFroeschli

http://forum.pfsense.org/index.php/topic,5727.msg34562.html#msg34562

Also for future reference:
http://doc.pfsense.org/index.php/How_can_i_access_my_PPPoE_Modem_on_WAN

idkpmiller

Thanks for the links, will check those out. Still very confused why it doesn't work without punching redirects across the firewall.

Is there a way to add a secondary IP to my WAN interface to solve the first issue in my original post?

Cheers

GruensFroeschli

http://doc.pfsense.org/multiple-subnets-one-interface-pfsense.pdf

idkpmiller

getting stuck adding the package. is there something I need to do to get FTP to work?

pkg_add -r redir

Error: FTP Unable to get ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-7.0-release/Latest/redir.tbz: File unavailable (e.g., file not found, no access)
pkg_add: unable to fetch 'ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-7.0-release/Latest/redir.tbz' by URL

Cheers

idkpmiller

it would seem the directory structure has changed and should not use

ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-7.0-release/Latest/redir.tbz

instead it should be:

ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-7-stable/Latest/redir.tbz

I assume the path should be changed in a file somewhere. can someone point out where?

Thanks

jimp

The URL used for pkg_add -r is based off of the machine's FreeBSD version. Since the one you are using is based off of 7.0-RELEASE, that's the package set you can get.

As you've seen, you can override this by specifying the whole URL, but there may be some cases where that might not work properly. It's probably better to let this happen on a case-by-case basis than to always pull the new packages.