Access to Modem GUI from LAN



  • Hi,

    Sorry for that, I make some search but I don't find / understand solutions found.

    My LAN interface is on 192.168.0.1/24
    I want access to the modem GUI which is on 192.168.2.254.
    Pfsense : WAN interface is on static IP : 192.168.2.91

    Someone can help me ?  :(

    Best regards



  • Because your WAN interface is already in the private subnet of the "modem" then I guess the "modem" is actually still in "routing" mode. That should actually make it easy - browsing to 192.168.2.254 from LAN should get you straight to the modem GUI.

    What happens from a client if you "traceroute 192.168.2.254"?
    Can you ping 192.168.2.254 from pfSense?

    In Interfaces->WAN uncheck Block Private Networks - but actually that should not be an issue when initiating the session from LAN.



  • Thanks for reply !!! :)

    Actually from the LAN network, I can't ping the IP 192.168.2.254
    If I do a traceroute I have :
    192.168.1.254 (192.168.1.254) time time
    192.168.2.254 (192.168.2.254) time

    If I browse IP 192.168.2.254, I have an error by Squid
    Connection to 192.168.2.254 failed
    The system returned : (61) Connection refused

    I have Multi-WAN activate (modem 1 on 1.254 and modem 2 on 2.254



  • I guess you have some load-balancing rule that is sending the ping packets alternately to each WAN. Put an ordinary pass rule at the top of LAN Firewall Rules for all traffic from LAN to WAN1net and WAN2net. You do not want the local stuff to be messed with by policy-routing rules.
    Then Squid is intercepting the connection attempt from your browser, and I guess proxies it out the default gateway. I do not use Squid, but I presume there is also a way to stop it grabbing the local traffic.



  • Last time I checked you can make exemptions in the squid config.



  • @Kejianshi : I have this for ACL on squid
    192.168.1.0/24
    192.168.2.0/24

    @Phil.davis :
    Something like this ?




  • for testing, I was connect on an another wifi network (which is not under squid).

    In this case (same firewall rules),
    I just have an "unable to connect".



  • up ??


  • Banned

    Ditch squid. The howto on doc.pfsense.org just works on sane setups.


Log in to reply