Access to Modem GUI from LAN
Sorry for that, I make some search but I don't find / understand solutions found.
My LAN interface is on 192.168.0.1/24
I want access to the modem GUI which is on 192.168.2.254.
Pfsense : WAN interface is on static IP : 192.168.2.91
Someone can help me ? :(
Because your WAN interface is already in the private subnet of the "modem" then I guess the "modem" is actually still in "routing" mode. That should actually make it easy - browsing to 192.168.2.254 from LAN should get you straight to the modem GUI.
What happens from a client if you "traceroute 192.168.2.254"?
Can you ping 192.168.2.254 from pfSense?
In Interfaces->WAN uncheck Block Private Networks - but actually that should not be an issue when initiating the session from LAN.
Thanks for reply !!! :)
Actually from the LAN network, I can't ping the IP 192.168.2.254
If I do a traceroute I have :
192.168.1.254 (192.168.1.254) time time
192.168.2.254 (192.168.2.254) time
If I browse IP 192.168.2.254, I have an error by Squid
Connection to 192.168.2.254 failed
The system returned : (61) Connection refused
I have Multi-WAN activate (modem 1 on 1.254 and modem 2 on 2.254
I guess you have some load-balancing rule that is sending the ping packets alternately to each WAN. Put an ordinary pass rule at the top of LAN Firewall Rules for all traffic from LAN to WAN1net and WAN2net. You do not want the local stuff to be messed with by policy-routing rules.
Then Squid is intercepting the connection attempt from your browser, and I guess proxies it out the default gateway. I do not use Squid, but I presume there is also a way to stop it grabbing the local traffic.
Last time I checked you can make exemptions in the squid config.
@Kejianshi : I have this for ACL on squid
Something like this ?
for testing, I was connect on an another wifi network (which is not under squid).
In this case (same firewall rules),
I just have an "unable to connect".
Ditch squid. The howto on doc.pfsense.org just works on sane setups.