Messages - ottomation

#1
22.1 Legacy Series / Re: WAN IP Confusion
June 17, 2022, 02:34:10 PM
Well my OPNSense LAN is configured for 192.168.1.0, and according to the manual for the Spectrum Charter cable modem it should be configured for 192.168.100.1. And I can ping 192.168.100.1 and only that IP and nmap tells me that only 80 and 443 are open on that address, so I feel confident that the modem DHCP should be configured for that IP range. So I don't know that going through and changing my LAN IP Pool will change anything there.

I guess I'll try plugging a laptop directly into the modem, see if there appear to be any settings I can actually change there or not. I don't think Spectrum-issued modems typically give you a lot of settings to tinker with. But maybe there's something there that will help me.

#2
22.1 Legacy Series / Re: WAN IP Confusion
June 17, 2022, 01:57:52 PM
This is why I am so confused. Everything I can find seems to say I shouldn't need to do anything special and it should just work and be accessible, but it's not.

I have the WAN and LAN interfaces and the Allow to Any rule on the LAN side. I've had this setup and running for quite a while now. I have no issues with access to internet or devices. I use DHCP and Unbound on the OPNSense router.

Like I mentioned, I can ping the 192.168.100.1 address, nmap shows that it's up and running on ports 80 and 443 when I use the -Pn switches. But it will not load the web page in the browser.

What do you mean about the routing comment? I haven't configured any special kind of routing that I'm aware of.

#3
22.1 Legacy Series / WAN IP Confusion
June 17, 2022, 01:13:30 PM
I'm trying to understand some things about my configuration that do not seem to make sense to me. I have a cable modem connected to my port configured for my WAN interface. The manual for the cable modem seems to indicate that the default DHCP configuration is for range 192.168.100.0. Wouldn't that mean the IP address shown for my WAN interface should be in that range? Instead it's showing a 97.x.x.x IP which looks more like it's possibly the external IP of the modem. Is that normal/expected?

Ultimately, I'm trying to figure out what exactly I need to do in order to access my modem web interface through the OPNSense firewall. My internal LAN is configured for 192.168.1.0. I have a firewall rule that allows this LAN to communicate with any other LAN. I have no VLAN or interface configured for a 192.168.100.0 network, but I can ping 192.168.100.1, which is supposed to be the default IP address of the modem's web interface. But putting that IP in the browser never loads anything.

Do I need to create a network for that IP range first? I keep playing around with different firewall rules and can't seem to figure this out. Any help would be greatly appreciated.

Thanks

Edit: Additional Info
nmap -Pn 192.168.100.1
Starting Nmap 7.80 ( https://nmap.org ) at 2022-06-17 07:17 EDT
Nmap scan report for 192.168.100.1
Host is up (0.031s latency).
Not shown: 998 closed ports
PORT    STATE    SERVICE
80/tcp  filtered http
443/tcp filtered https


Now I'm thinking I've been thinking about this backwards. I've been trying to set rules on the LAN side, do I need to set a rule on the WAN side instead?

I tried disabling the block private networks option for the WAN interface to disable that firewall rule, that didn't appear to change anything.

#4
So apparently I was doing it correctly by setting an override, but it just wasn't resolving it. What I have found, and I've tested this twice now to confirm it, is if I create an override, I cannot get it to resolve. If I go to the DHCP lease table and set any random device to a static entry, the override will begin to resolve. I've tried just restarting the DNS and DHCP services, but it won't work until I set a device to a static entry. I can't imagine this is expected behavior. Does this sound like a bug or do I somehow have something configured incorrectly?

#5
Ok, so I feel like this should be an easy task, as I feel I did this easily on a pihole server with DNS enabled a couple years ago, but for the life of me, I can't seem to figure out how to do this in opnsense.

I have a PC that has an apache web server and a plex media server running on it. I can access the apache web server via hostname.home.net. I can access the plex media server via hostname.home.net:port. I want to set a manual DNS entry so that I can resolve plex.home.net to the same IP as hostname.home.net and then use a reverse proxy in the apache config to forward plex.home.net to the correct port. At least, I think this would be the correct way to do this. This is making me feel real dumb I can't figure this out.

edit: to be clear, in case it's not, I'm looking for help on how to set a manual DNS entry in opnsense, not the apache reverse proxy thing. I have unbound enabled. I don't know if I'm just thinking about this wrong or searching for the wrong terms or what, but no matter what I seem to try it doesn't work.