Acessar Página WEB de Roteador em Bridge (RESOLVIDO)
-
Olá!
Estou quebrando a cabeça para acessar a página web de um roteador sem fio (192.168.0.151) configurado em modo bridge que está setado como WAN2 no PF.
Eu segui este tuto, tentando adaptar ao meu caso: http://doc.pfsense.org/index.php/Accessing_modem_from_inside_firewall
[2.0.3-RELEASE]: ifconfig
rl0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
options=8 <vlan_mtu>ether :::::
inet 192.168.1.254 netmask 0xffffff00 broadcast 192.168.1.255 (VIA DHCP)
inet 192.168.0.254 netmask 0xffffff00 broadcast 192.168.0.255 (ALIAS)
nd6 options=43 <performnud,accept_rtadv>media: Ethernet autoselect (100baseTX <full-duplex>)
status: activeLAN:
vr0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
inet 192.168.66.254 netmask 0xffffff00 broadcast 192.168.66.255Criei um IP Virtual: WAN2 (rl0) 192.168.0.254
Criei o Outbound NAT: WAN2 (rl0) Source 192.168.66.0/24 - Destino 192.168.0.0/24 - Translation 192.168.0.254
Do PFSense eu consigo pingar:
[2.0.3-RELEASE][admin@.]/root(7): ping 192.168.0.151
PING 192.168.0.151 (192.168.0.151): 56 data bytes
64 bytes from 192.168.0.151: icmp_seq=0 ttl=255 time=2.708 msDe dentro da LAN não consigo ping, mas:
2.0.3-RELEASE][admin@.]/root(8): tcpdump -i rl0 host 192.168.0.151
listening on rl0, link-type EN10MB (Ethernet), capture size 96 bytes
19:36:42.430369 IP 192.168.0.254 > 192.168.0.151: ICMP echo request, id 30900, seq 1, length 64
19:36:43.438542 IP 192.168.0.254 > 192.168.0.151: ICMP echo request, id 30900, seq 2, length 64O ping está saindo pela interface certa, com o IP correto do PF, mas acho que alguma coisa está errada com o NAT…
Alguma ideia?
[]'s
Renato
</up,broadcast,running,simplex,multicast></full-duplex></performnud,accept_rtadv></vlan_mtu></up,broadcast,running,simplex,multicast> -
Do PFSense eu consigo pingar:
[2.0.3-RELEASE][admin@.]/root(7): ping 192.168.0.151
PING 192.168.0.151 (192.168.0.151): 56 data bytes
64 bytes from 192.168.0.151: icmp_seq=0 ttl=255 time=2.708 msDe dentro da LAN não consigo ping, mas:
O que o tcpdump mostra no ping a partir do pfsense?
-
Do PFSense eu consigo pingar:
[2.0.3-RELEASE][admin@.]/root(7): ping 192.168.0.151
PING 192.168.0.151 (192.168.0.151): 56 data bytes
64 bytes from 192.168.0.151: icmp_seq=0 ttl=255 time=2.708 msDe dentro da LAN não consigo ping, mas:
O que o tcpdump mostra no ping a partir do pfsense?
[2.0.3-RELEASE]: ping 192.168.0.151
PING 192.168.0.151 (192.168.0.151): 56 data bytes
64 bytes from 192.168.0.151: icmp_seq=0 ttl=255 time=1.216 ms
64 bytes from 192.168.0.151: icmp_seq=1 ttl=255 time=1.053 ms
64 bytes from 192.168.0.151: icmp_seq=2 ttl=255 time=1.048 ms
64 bytes from 192.168.0.151: icmp_seq=3 ttl=255 time=1.064 ms
64 bytes from 192.168.0.151: icmp_seq=4 ttl=255 time=1.049 ms[2.0.3-RELEASE]: tcpdump -i rl0 host 192.168.0.151
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on rl0, link-type EN10MB (Ethernet), capture size 96 bytes
21:47:34.241766 IP 192.168.0.254 > 192.168.0.151: ICMP echo request, id 39808, seq 0, length 64
21:47:34.242703 IP 192.168.0.151 > 192.168.0.254: ICMP echo reply, id 39808, seq 0, length 64
21:47:35.251407 IP 192.168.0.254 > 192.168.0.151: ICMP echo request, id 39808, seq 1, length 64
21:47:35.252325 IP 192.168.0.151 > 192.168.0.254: ICMP echo reply, id 39808, seq 1, length 64
21:47:36.261475 IP 192.168.0.254 > 192.168.0.151: ICMP echo request, id 39808, seq 2, length 64
21:47:36.262396 IP 192.168.0.151 > 192.168.0.254: ICMP echo reply, id 39808, seq 2, length 64
21:47:37.271509 IP 192.168.0.254 > 192.168.0.151: ICMP echo request, id 39808, seq 3, length 64
21:47:37.272437 IP 192.168.0.151 > 192.168.0.254: ICMP echo reply, id 39808, seq 3, length 64
21:47:38.281551 IP 192.168.0.254 > 192.168.0.151: ICMP echo request, id 39808, seq 4, length 64
21:47:38.282475 IP 192.168.0.151 > 192.168.0.254: ICMP echo reply, id 39808, seq 4, length 64 -
[2.0.3-RELEASE]: tcpdump -i rl0 host 192.168.0.151
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on rl0, link-type EN10MB (Ethernet), capture size 96 bytes
21:47:34.241766 IP 192.168.0.254 > 192.168.0.151: ICMP echo request, id 39808, seq 0, length 64
21:47:34.242703 IP 192.168.0.151 > 192.168.0.254: ICMP echo reply, id 39808, seq 0, length 64
21:47:35.251407 IP 192.168.0.254 > 192.168.0.151: ICMP echo request, id 39808, seq 1, length 64
21:47:35.252325 IP 192.168.0.151 > 192.168.0.254: ICMP echo reply, id 39808, seq 1, length 64
21:47:36.261475 IP 192.168.0.254 > 192.168.0.151: ICMP echo request, id 39808, seq 2, length 64
21:47:36.262396 IP 192.168.0.151 > 192.168.0.254: ICMP echo reply, id 39808, seq 2, length 64
21:47:37.271509 IP 192.168.0.254 > 192.168.0.151: ICMP echo request, id 39808, seq 3, length 64
21:47:37.272437 IP 192.168.0.151 > 192.168.0.254: ICMP echo reply, id 39808, seq 3, length 64
21:47:38.281551 IP 192.168.0.254 > 192.168.0.151: ICMP echo request, id 39808, seq 4, length 64
21:47:38.282475 IP 192.168.0.151 > 192.168.0.254: ICMP echo reply, id 39808, seq 4, length 6419:36:42.430369 IP 192.168.0.254 > 192.168.0.151: ICMP echo request, id 30900, seq 1, length 64
19:36:43.438542 IP 192.168.0.254 > 192.168.0.151: ICMP echo request, id 30900, seq 2, length 64Está saindo igual ao pacote vindo da lan, deveria estar funcionando… :(
-
Hoje, do nada, após um reboot, começou a funcionar!!! Não tinha mexido em mais nada, mas por desencargo, resolvi dar um ping após um reboot e respondeu! Consegui acessar a página do roteador sem problemas. ;D
[2.0.3-RELEASE]: tcpdump host 192.168.0.151 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on rl0, link-type EN10MB (Ethernet), capture size 96 bytes 22:23:51.274420 IP 192.168.0.254 > 192.168.0.151: ICMP echo request, id 13170, seq 1, length 64 22:23:51.275776 ARP, Request who-has 192.168.0.254 tell 192.168.0.151, length 46 22:23:51.275800 ARP, Reply 192.168.0.254 is-at 00:**:**:**:**:00 (oui Unknown), length 46 22:23:51.276565 IP 192.168.0.151 > 192.168.0.254: ICMP echo reply, id 13170, seq 1, length 64 22:23:52.276522 IP 192.168.0.254 > 192.168.0.151: ICMP echo request, id 13170, seq 2, length 64
Mas nem tudo são flores… Notei que após um período de tempo, não descobri o motivo ainda, o alias que crio em tempo de boot para rl0 (<shellcmd>ifconfig rl0 inet 192.168.0.254 netmask 255.255.255.0 alias</shellcmd>), simplesmente desaparece!!! rl0 volta a ficar como:
rl0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
options=8 <vlan_mtu>ether :::::
inet 192.168.1.254 netmask 0xffffff00 broadcast 192.168.1.255 (VIA DHCP)
inet 192.168.0.254 netmask 0xffffff00 broadcast 192.168.0.255 (ALIAS)
nd6 options=43 <performnud,accept_rtadv>media: Ethernet autoselect (100baseTX <full-duplex>)
status: activeAo menos não preciso mais derrubar este link para acessar o roteador, já valeu!
[]'s
Renato</full-duplex></performnud,accept_rtadv></vlan_mtu></up,broadcast,running,simplex,multicast>