Cable modem access



  • Hi everyone!

    I have one of those cable modems that pass me a public IP via DHCP on the pfsense WAN interface and
    also keep up a management/status interface listening on 192.168.100.1.
    I've managed to access the modem interface through the manual provided here:
    https://doc.pfsense.org/index.php/Accessing_modem_from_inside_firewall (the 2.0 part on the bottom).

    Now, most of the time I'm using pfsense to connect to an OpenVPN server, during which I cannot access
    the modem status interface. What do I need to do so I can access the status interface even when I'm connected
    to another VPN server?

    Kind Regards,

    SnakeZZ


  • LAYER 8 Global Moderator

    How about just disconnect from the vpn as a simple solution.. What is exactly on this modem status page that you need to keep checking? ;)  My cable modem is on 192.168.100.1 as well - and I can see a log you can see your signal levels, etc.

    Just not sure why you would need to look at these unless there was some sort of problem with your internet connection..  I would think one of first things you would do if having a internet connection problem is disconnect from the vpn ;)

    That being said - I assume you have some sort of policy routing in place to have clients use the vpn connection that pfsense has - so ie pointing them to your gateway that is the vpn.  You would need to put in a rule above that allows for routing to 192.168.100 via pfsense normal routing vs sending the traffic down the vpn.



  • Yeah, yeah, totally true… disconnecting would be the easiest way ;-)

    That being said... I'd like to learn and understand that from a scientific curiosity point-of-view ;-)
    Would the policy routing go through the DHCP gateway (Currently I have two: The DHCP one and the VPN one)  - which would be the DHCP-aquired public ip address or would I need to create an entirely new gateway just for that private netblock between pfsense and the modem (I've tried the latter and it didn't work)?!?

    Kind Regards,

    SnakeZZ


  • LAYER 8 Global Moderator

    Can you post your lan rules on pfsense where your telling your lan clients to use your vpn connection?

    So you created a VIP on your wan interface in the 192.168.100.0/x network – and then created a outbound nat rule?

    I can access my modems config without doing anything special on pfsense..  I have a dhcp address on my pfsense wan 24.13.x.x connected to my cable modem.. But if I go to 192.168.100.1 on my client my modemstatus page comes up without having to do anything in pfsense with vip or nats or anything.

    But if you created a vip on your wan, and then and outbound nat..  For that to be working you have to be using pfsense routing - if you put a specific GATEWAY in your lan rules - see attached for my lan rules.  See how gateway is *.. So if I want to talk to say my wlan or dmz then pfsense just uses its local routing table to get there.

    If you put in a specific gateway, this over rides the use of pfsense routing table..  Unless you put a rule above that that allows the traffic to whatever locally you want to allow - like 192.168.100 network off your wan via a VIP.

    Or - not quite sure, are you talking on a PC (something behind pfsense) using its dhcp interface or a vpn client your running on that device..  The way I read it your using pfsense as the connection to your vpn and routing all machines behind pfsense through the vpn connection.



Log in to reply