Access modem from inside the firewall

  • Hello everyone,

    I am new to pfSense and just got 2.0.2 installed yesterday. I tried to follow this guide: to access my modem from inside of the firewall. I can ping the modem ip ( on the pfSense box (use SSH shell) or choose the interface (modemaccess) created via webgui. However I can't ping it if choose LAN interface. Also I can not ping or access the modem from any other machines within the LAN.

    My lAN  is and modem ip is

    I can't figure out which part was wrong. Probably something with NAT?

    Please help.


  • LAYER 8 Global Moderator

    So your modem is, but your pfsense wan gets a public IP??  Or does your pfsense wan get a 192.168.2.x address and your behind a double nat?

  • I believe it is double NAT because the great Bell Canada. They only have one modem for VDSL (25M/10M) and it has been discussed at dslreport for quite some time. It only allow PPOE pass through at this moment.

    So the modem has a static ip pfSense PPOE will get a public IP. And also the modem will get another public IP. Regardless, the internet works fine for now. Speed is ok. I normally get the same speed either use that modem as router/modem or use pfSense as router. It is just that the model will stop responding after  a couple hours of 80% load.  pfSense works great so far.

  • Can anyone help? I am trying second time to explain my situation. My LAN is Modem has IP It has 4 port LAN so if I take a laptop, set the IP to and connect to the modem then I can access the web gui of the modem.
    I followed the doc for the setup on pfSense. I can ping is using SSH console. I can ping if I choose the interface I created for modem access using pfSense web gui. I can NOT ping if I choose LAN interface. I can NOT ping or access the web gui of the modem use any computer connected inside the firewall.
    I suspect I missed something for the firewall rules but can figure out which it is.
    Please help.


    You did the instructions under 2.0 right?

    I did this for both my modems which are an MLPPP set.

    OPT2 * * * * NO

    OPT3 * * * * NO

    You have a rule that allows your LAN to all - or have a rule that will allow LAN to your modem?

  • Yes, I followed 2.0 instructions. Here is the rule under NAT outbound:

    MODEMACCESS  *  *  *  *  NO

    I can ping under web gui if I choose MODEMACCESS but can NOT if I choose LAN. I do have a rule to allow LAN to all.

    *  LAN net  *  *  *  *  none    Default allow LAN to any rule

    Any suggestions?

  • Can you post the settings of your opt interface?

  • @chpalmer:

    Can you post the settings of your opt interface?

    Here is the interface configuration. There is no firewall rules under that interface tab.

Log in to reply