Firewall log question - what am I looking at
Ok here is a new firewall log can someone explain to me
18.104.22.168 is the ATT DSL IP connection
192.168.0.1 is the ATT modem
192.168.1.1/24 my local LAN
Why is the ATT modem showing up so often in the log?
My computer local lan is 192.168.1.1/24 why can I still open up my modem on 192.168.0.1 isnint that a different net?
What is 22.214.171.124 and why is it showing in the log?
What is 126.96.36.199 and why is it showing in the log?
Didn't we go over this already??
Before you my att dsl modem was at 188.8.131.52 and you were seeing SSDP to multicast address on your LAN port.
I asked in that thread how your connected since you should be seeing traffic from your modem on your LAN interface.
Please draw out your network connection, And you changed your modem lan IP?? So your creating a PPPoE connection of your modem/router that is already making the connection for you?? Thanks what it sounds like to me really.
I have not seen a plain jane dsl modem in years and years, they are ALL gateway devices, ie modem/router combos that do NAT.. I would have to assume with that 192.168.0.1 address its natting.
Anywho – as to seeing traffic from your "modem" Normally any traffic from a private would be blocked and not logged per this setting
Block private networks
When set, this option blocks traffic from IP addresses that are reserved for private networks as per RFC 1918 (10/8, 172.16/12, 192.168/16) as well as loopback addresses (127/8). You should generally leave this option turned on, unless your WAN network lies in such a private address space, too.
So you must of turned that rule off? Why??
I still do not understand and some of the things have been cleared up found a dlink router being used as a switch/hub with no wan took it out etc.
The DSL modem has not changed it is a standalone I have about 50 of these laying around from a former venture
Diagram of connection
DSL4100 DEVICE> cat5e > Network connection 1 on eMachine > pesense software on eMachine > Network connection 2 > cat5e > netgear gigabit switch > home network consisting of 6 ubiquity wireless powerstations 6 acting in bridge mode + 2 picostations as in station mode. > a bunch of pc's, gameboys, several ps3's wii's laptops, cell phones w/wifi and a kindle.
the modem is connected via pppoe and the pcfsense box is connected via dhcp to the modem
Well 3rd bullet from linked to pdf for your "modem"
"Network address translation"
So what mode is this 4100 in?
From this manual for the 4100 and 4200 series "ROUTER" which what you have there not just a modem.
If the device is in bridge mode you loose ppp
The second mode of operation provides only "bridging" functionality. This applies to both WAN-to-LAN connectivity as well as to all LAN-side interfaces. Point-to-Point (PPP) connections are not available under the bridge mode of operation
So you would then have to do your PPPoE on your pfsense box – which would make more sense when I see your public IP there in your logs.
Also says if you put it in bridge mode that you would loose access to its interface
Important! If you switch to Bridge mode, you will lose access to the Web management interface and can only return to Router mode by resetting the Router to factory defaults.
So since you say you can access 192.168.0.1 tells me your in router/NAT mode?? Which if your going to be using your pfsense box for you wouldn't want.
How is your pfsense box getting a public IP on its wan interface if your "4100" is doing nat??
Ok I reinstalled pfsense current 2.0 again, and this time set up the modem as a passthrough with pppoe on router or computer mode,
Set up pppoe on pfsense to get DSL working and this stopped access to 192.168.0.1 and that error has gone away