OPNsense Forum
English Forums => General Discussion => Topic started by: balubeto on November 22, 2018, 07:37:49 pm
-
Hi
I have a LAN network managed by a hardware firewall with OPNsense 18.7.8 64 bit to which is connected, on its WAN port, a VDSL2+ router in Bridged mode. So, in order to access the Internet, I need to use the OPNsense PPPoE mode.
This network has the addresses 192.168.1.x while the VDSL2+ router has the address 10.0.0.1 .
Now, how should I configure the firewall to access the router's web interface by LAN computers?
Thanks
Bye
-
Could someone help me do this?
Thanks
Bye
-
Configure another port in OPNsense for this net and also Plug in to modem
-
Configure another port in OPNsense for this net and also Plug in to modem
Maybe, you didn't understand: I would like to access the web interface of the VDSL2+ router connected to the WAN port of the firewall and configured in bridge mode.
So, how do I configure the firewall so that I can access the web interface of the this router remembering that, to access the Internet, I use the PPPoE protocol on the WAN port?
Thanks
Bye
-
Please reread my again. It explains it ...
-
Please reread my again. It explains it ...
I'm sorry, but if I now try to access the router's web interface from the LAN, I get the message "I can't access the site" because the LAN and the router belong to two different networks.
So, how should I access the router's web interface from the LAN?
Thanks
Bye
-
Dont you have a third interface?
-
Dont you have a third interface?
What would be the point of having a third physical interface on the firewall when the VDSL2+ router is already connected to its WAN port?
Thanks
Bye
-
For me, it would only be necessary to create a virtual interface that acts as a gateway between the LAN network and that of the VDSL2+ router with the appropriate rules.
If my reasoning is correct, how can I do this?
Thanks
Bye
-
Your PPPoE interface (WAN by default) will have a parent ethernet interface. Set up a new interface for that (e.g. DSLWeb) and give it a static IP address in the subnet of the modem's web interface. Set up an outbound NAT on this interface and allow 80/443 TCP.
There is a writeup about this for the other *sense: https://www.netgate.com/docs/pfsense/interfaces/accessing-modem-from-inside-firewall.html
Bart...
-
I followed the above document but, with that configuration, I can't access the router and I can't even navigate.
You could look at my images and tell me where I went wrong.
(http://i64.tinypic.com/14k8pqg.jpg)
(http://i64.tinypic.com/b5f6yq.jpg)
Thanks
Bye
-
Why would you want to access your VDSL2+ modem/router when it's set to bridge mode anyway?
It's a brdige. There's nothing to do on it anymore?
-
A Zyxel Speedlink can run in bridge mode and you can manage it via a dedicated port, but then you also need a dedicated port at the OPNsense:
Configure another port in OPNsense for this net and also Plug in to modem
-
I need to access the router from the LAN because it also acts as a telephone switchboard.
I noticed something strange: when I activate the manual mode of the NAT OUTBOUND, I can no longer browse on the Internet. How come? Should I create some rules by chance? If so, which?
When I had the firewall with pfSense, I could still access the router from the LAN and always used the PPPoE protocol to access the Internet. Now, why can't I do it anymore with OPNsense?
Thanks
Bye
-
I noticed something strange: when I activate the manual mode of the NAT OUTBOUND, I can no longer browse on the Internet. How come? Should I create some rules by chance? If so, which?
Set to hybrid instead of manual and check if default rules at the bottom are in place
When I had the firewall with pfSense, I could still access the router from the LAN and always used the PPPoE protocol to access the Internet. Now, why can't I do it anymore with OPNsense?
Usually it works the same way here, so just do the things you did with pfsense
-
In attachment, there is a configuration to access a modem/router connected to a firewall's WAN port. Is it possible to improve it?
Thanks
Bye
-
It looks good, can you check with packet capture If you are receiving packets?
-
It looks good, can you check with packet capture If you are receiving packets?
How would I be able to check this?
Thanks
Bye