Understanding Virtual IPs

Started by hushcoden, October 21, 2023, 10:11:16 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
October 21, 2023, 10:11:16 PM Last Edit: October 21, 2023, 10:14:20 PM by hushcoden
I've created a VIP (see picture) on a different subnet than my LAN net (192.168.0.1/24), and I can't understand how to make that IP visible (the modem I need to reach is on 192.168.2.1) e.g. pingable from a device within my LAN: could someone  please guide me?

I believe I have to create an NAT outbound rule, what exactly?

Tia.
October 21, 2023, 10:18:21 PM #1
Needs to be on the internal interface, not WAN as it appears on the screenshot.
October 21, 2023, 10:26:54 PM #2 Last Edit: October 21, 2023, 10:32:47 PM by hushcoden
Ah I see, and then I just need a firewall rule on LAN interface with source LAN net and destination 192.168.2.1/24 and that's it, no NAT outbound rule ?

I need to access the modem GUI through the WAN cable between the OPNsense device and the modem itself.
October 21, 2023, 10:40:30 PM #3
The only one I have I've put in the same subnet so didn't need any rules but your guess is what I would expect to have to do.
October 21, 2023, 10:45:01 PM #4
The point is that I don't know how to do that, how my LAN device can see the modem ??
October 21, 2023, 11:12:32 PM #5
Oh wait, WAN might have been correct. Modem is on the WAN side, right? That is, the modem is on 192.168.2.1 and your LAN is 192.168.0.1/24. Had to re-read your first post, sorry.
Are you able to follow this https://forum.opnsense.org/index.php?topic=33497.msg162897#msg162897
October 21, 2023, 11:44:31 PM #6
Yes, modem is on the WAN and thanks for the link, I'm going to check that.
October 24, 2023, 07:22:53 PM #7
So, I managaed to make it working following that guide, but in Firewall: Log Files: Live View I see lots of requests coming from 0.0.0.0 - what does it mean?

Tia.
October 25, 2023, 10:26:14 AM #8
Could someone guide me on how to troubleshoot this?

Tia.
October 25, 2023, 10:36:52 AM #9
Source: 0.0.0.0
Destination: 255.255.255.255
Port: 4944
Protocol: UDP

The modem tries to tell the router the status of its DSL Line via Broadcast message. That can safely be ignored or you turn off that your modem does this.

Reference:
https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
4944    No    Unofficial          DrayTek DSL Status Monitoring[221]
Hardware:
DEC740
October 25, 2023, 11:20:38 AM #10
@Monviech  A big, fat THANK YOU!
October 25, 2023, 11:45:33 AM #11 Last Edit: October 25, 2023, 12:16:24 PM by hushcoden
And another question: I'm experiencing an annoying issue, i.e. after enabling the Modem_GUI interface I have no Internet connection at all, why on earth is this ?  >:(

I've attached the configuration.
October 25, 2023, 12:47:21 PM #12
Maybe you have a rogue gateway that gets enabled when you enable the interface? Try to check your gateways and give your upstream ones a higher priority (for example 240).
Hardware:
DEC740
October 25, 2023, 01:06:40 PM #13 Last Edit: October 25, 2023, 01:18:57 PM by hushcoden
I've attached the gateways - my understanding is that the first one has been created as in the Moded_GUI interface I've checked the option Dynamic gateway policy but I don't know if I should checked it or not ?

And if so, should I change the MODEM GUI gateway priority from 254 to 240 ?

Besides, as for the NAT Outbound rule, should I select the option 'Static Port' ??
Thanks.
Print
Go Up Pages1
User actions