Hi
I have a LAN network managed by a hardware firewall with OPNsense 18.7.8 64 bit to which is connected, on its WAN port, a VDSL2+ router in Bridged mode. So, in order to access the Internet, I need to use the OPNsense PPPoE mode.
This network has the addresses 192.168.1.x while the VDSL2+ router has the address 10.0.0.1 .
Now, how should I configure the firewall to access the router's web interface by LAN computers?
Thanks
Bye
Could someone help me do this?
Thanks
Bye
Configure another port in OPNsense for this net and also Plug in to modem
Quote from: mimugmail on November 24, 2018, 07:45:40 PM
Configure another port in OPNsense for this net and also Plug in to modem
Maybe, you didn't understand: I would like to access the web interface of the VDSL2+ router connected to the WAN port of the firewall and configured in bridge mode.
So, how do I configure the firewall so that I can access the web interface of the this router remembering that, to access the Internet, I use the PPPoE protocol on the WAN port?
Thanks
Bye
Please reread my again. It explains it ...
Quote from: mimugmail on November 25, 2018, 10:29:49 AM
Please reread my again. It explains it ...
I'm sorry, but if I now try to access the router's web interface from the LAN, I get the message "I can't access the site" because the LAN and the router belong to two different networks.
So, how should I access the router's web interface from the LAN?
Thanks
Bye
Dont you have a third interface?
Quote from: mimugmail on November 25, 2018, 12:18:23 PM
Dont you have a third interface?
What would be the point of having a third physical interface on the firewall when the VDSL2+ router is already connected to its WAN port?
Thanks
Bye
For me, it would only be necessary to create a virtual interface that acts as a gateway between the LAN network and that of the VDSL2+ router with the appropriate rules.
If my reasoning is correct, how can I do this?
Thanks
Bye
Your PPPoE interface (WAN by default) will have a parent ethernet interface. Set up a new interface for that (e.g. DSLWeb) and give it a static IP address in the subnet of the modem's web interface. Set up an outbound NAT on this interface and allow 80/443 TCP.
There is a writeup about this for the other *sense: https://www.netgate.com/docs/pfsense/interfaces/accessing-modem-from-inside-firewall.html
Bart...
I followed the above document but, with that configuration, I can't access the router and I can't even navigate.
You could look at my images and tell me where I went wrong.
(http://i64.tinypic.com/14k8pqg.jpg)
(http://i64.tinypic.com/b5f6yq.jpg)
Thanks
Bye
Why would you want to access your VDSL2+ modem/router when it's set to bridge mode anyway?
It's a brdige. There's nothing to do on it anymore?
A Zyxel Speedlink can run in bridge mode and you can manage it via a dedicated port, but then you also need a dedicated port at the OPNsense:
Quote from: mimugmail on November 24, 2018, 07:45:40 PM
Configure another port in OPNsense for this net and also Plug in to modem
I need to access the router from the LAN because it also acts as a telephone switchboard.
I noticed something strange: when I activate the manual mode of the NAT OUTBOUND, I can no longer browse on the Internet. How come? Should I create some rules by chance? If so, which?
When I had the firewall with pfSense, I could still access the router from the LAN and always used the PPPoE protocol to access the Internet. Now, why can't I do it anymore with OPNsense?
Thanks
Bye
Quote from: balubeto on November 27, 2018, 11:59:20 AM
I noticed something strange: when I activate the manual mode of the NAT OUTBOUND, I can no longer browse on the Internet. How come? Should I create some rules by chance? If so, which?
Set to hybrid instead of manual and check if default rules at the bottom are in place
Quote from: balubeto on November 27, 2018, 11:59:20 AM
When I had the firewall with pfSense, I could still access the router from the LAN and always used the PPPoE protocol to access the Internet. Now, why can't I do it anymore with OPNsense?
Usually it works the same way here, so just do the things you did with pfsense
In attachment, there is a configuration to access a modem/router connected to a firewall's WAN port. Is it possible to improve it?
Thanks
Bye
It looks good, can you check with packet capture If you are receiving packets?
Quote from: mimugmail on November 27, 2018, 06:48:19 PM
It looks good, can you check with packet capture If you are receiving packets?
How would I be able to check this?
Thanks
Bye