Accessing my modems web interface.
-
I have searched the forums and have setup just the way this doc says. http://doc.pfsense.org/index.php/Accessing_modem_from_inside_firewall
how I have it setup so far..
WAN interface PPPOE (em1) - Public IP
LAN interface em0 - 192.168.0.1
MODEM interface em1 - 192.168.1.253 - No Gateway set
My modems IP is 192.168.1.254
Outbound NAT config: Inferface - MODEM
Source 192.168.0.0/24
Source Port: *
Dest: 192.168.1.0/24
Dest Port: *
NAT Adddress: *
NAT port: *
Static Port: NOCant ping 192.168.1.254, can ping the modem interface though.
Im running 2.0 RC. Is there something I'm missing?
-
On your modem interface do you have Block Private Networks enabled? (See Interfaces -> em1, scroll down to Private Networks section) If so, ping replies from your modem will get blocked.
-
No, both are unblocked.
-
Your modem doesn't have a route back to your LAN, so you need to NAT. Easiest way to do that, if you're using automatic outbound NAT, is just to specify a gateway IP on your modem interface (it can be anything, doesn't matter) so it treats it like an Internet connection.
On your modem interface do you have Block Private Networks enabled? (See Interfaces -> em1, scroll down to Private Networks section) If so, ping replies from your modem will get blocked.
No they won't, only applies to traffic initiated on that interface.
-
Yes, I'm running auto outbound NAT.
I tried creating a gateway in the 192.168.1.0 range but it would only let me set 192.168.1.253 (the Modem interface IP)
After I did that I ran trace route to 192.168.1.254 and it went through the WAN gateway. (10.20.21.36)
Also its coming up as 192-168-1-253.tpgi.com.au which is my ISP's reverse dns address. I don't really understand why it would do that.
-
Sounds like you might have the subnet on your 'modem interface em1' set incorrectly. By default it comes up as /32 and it needs to be /24.
You should be able to set a gateway as any address in the same subnet but if you have a /32 subnet there is only one IP available.
Easily overlooked, I did! ::)Steve
-
Thank you all, working straight away after putting the modem interface to /24