Text only | Text with Images

OPNsense Forum

English Forums => General Discussion => Topic started by: kermitxyz on December 11, 2024, 11:33:15 PM

Title: failover working but can't access modem
Post by: kermitxyz on December 11, 2024, 11:33:15 PM
I have created a failover group and all works fine, but I cannot access the configuration page of the 4G modem

The LAN address is 192.168.123.0

The modem is attached to one of the router interfaces with static IP 192.168.100.100  and the modem has static IP 192.168.100.254

Under System: Gateways: Configuration  The 4G gateway has IP 192.168.100.254

Ping monitoring works, failover works, and I CAN ping 192.168.100.254 from an SSH session to the router.  However, I can't ping it from my desktops

What do I need to do to fix this?  I wondered about adding a route in system  > routes but it says "Do not enter static routes for networks assigned on any interface of this firewall"

Any advice most welcome 
Title: Re: failover working but can't access modem
Post by: Patrick M. Hausen on December 11, 2024, 11:38:40 PM
Add an outbound NAT rule on that particular interface.
Title: Re: failover working but can't access modem
Post by: ludarkstar99 on December 12, 2024, 02:43:24 AM
Also, make sure there's a firewall rule in LAN interface, on top of the list, allowing the lan subnet (source) to the modem address (destination), without force any gateway or gateway group - just leave default.
Title: Re: failover working but can't access modem
Post by: kermitxyz on December 12, 2024, 03:37:40 PM
Quote from: Patrick M. Hausen on December 11, 2024, 11:38:40 PMAdd an outbound NAT rule on that particular interface.
As in Firewall > NAT > Outbound ?

Changed Modem to Hybrid (auto after manual rules)

I have created rule:

Interface: LAN
Destination address 192.168.100.254/32
Translation/target : 4G_IF_Address (i.e. the 4G modem interface)

But this does not help.
Title: Re: failover working but can't access modem
Post by: kermitxyz on December 12, 2024, 03:40:52 PM
Note - if I disable the fibre (default) gateway, I can then ping both 192.168.100.100 (the address of the 4G interface) and 192.168.100.254 (the address of the 4G modem).  It is just when the preferred gateway is working that I can no longer ping these IPs.

This is not a major problem, but it would be useful to be able to access the 4G modem via web.

Title: Re: failover working but can't access modem
Post by: kermitxyz on December 12, 2024, 03:41:40 PM
Quote from: ludarkstar99 on December 12, 2024, 02:43:24 AMAlso, make sure there's a firewall rule in LAN interface, on top of the list, allowing the lan subnet (source) to the modem address (destination), without force any gateway or gateway group - just leave default.
Since you said "also" do I need to do both this and the other suggestion?  I am struggling with this now!
Text only | Text with Images