Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
 
     
   Compare ISP   Rate your ISP
   Glossary   Glossary
 
Please login or register.

Login with username, password and session length
Advanced search  

News:

Author Topic: What's The Best Way To See Modem Info Through A Hardware Firewall ?.  (Read 3447 times)

tickmike

  • Kitizen
  • ****
  • Posts: 3640
  • Yes Another Penguin !. :)

What's The Best Way To See Modem Info Through A Hardware Firewall ?.

I use a Hardware Firewall (Smoothwall) .
DSLstats
Modem (at the moment--- NOTE this works well !) Huawei HG612 'Bridged' PPPoE (PPPoE is from smoothwall box not the Modem ! ) using both LAN 1 and LAN 2

If I want to try another Modem the 'smoothwall box' blocks any modem data.

Any advice for a safe way to configure both so I can see the Modem stats and not compromise my net security ?.

I'm Not Going To use port 23 as I see 25,000 probes a Day at the moment in my firewall logs:o  :'(.
« Last Edit: December 19, 2016, 11:13:36 AM by tickmike »
Logged
I have a set of 6 fixed IP's From  Eclipse  isp.BT ADSL2(G992.3) line>HG612 as a Modem, Bridge, WAN Not Bound to LAN1 or 2 + Also have FTTP (G.984) No One isp Fixed IP >Dual WAN pfSense (Hardware Firewall and routing).> Two WAN's, Ethernet LAN, DMZ LAN, Zyxel GS1100-24 Switch.

Ronski

  • Moderator
  • Kitizen
  • *
  • Posts: 4300
Re: What's The Best Way To See Modem Info Through A Hardware Firewall ?.
« Reply #1 on: December 19, 2016, 06:44:12 AM »

LAN 1 on the HG612 is the modem, and should be connected to the WAN port on the Smoothwall. LAN 2 should just be connected to the switch. I can't remember the standard IP address for LAN 2, but with a normal unlocked configuration of the modem it has no access to/from the internet - it's just the same as any other device on your internal network.

This is how I have mine setup on Pfsense, you basically have LAN 2 on the wrong side of the firewall.
« Last Edit: December 19, 2016, 07:02:12 AM by Ronski »
Logged
Formerly restrained by ECI and ali,  now surfing along at 390/36  ;D

tickmike

  • Kitizen
  • ****
  • Posts: 3640
  • Yes Another Penguin !. :)
Re: What's The Best Way To See Modem Info Through A Hardware Firewall ?.
« Reply #2 on: December 19, 2016, 11:18:53 AM »

LAN 1 on the HG612 is the modem, and should be connected to the WAN port on the Smoothwall. LAN 2 should just be connected to the switch.

Yes that's correct, that's what I do and it works well.

My point is if say I want to try an old DG834GT on my long line there is only the modem LAN 1 so you can not use the above method.
Logged
I have a set of 6 fixed IP's From  Eclipse  isp.BT ADSL2(G992.3) line>HG612 as a Modem, Bridge, WAN Not Bound to LAN1 or 2 + Also have FTTP (G.984) No One isp Fixed IP >Dual WAN pfSense (Hardware Firewall and routing).> Two WAN's, Ethernet LAN, DMZ LAN, Zyxel GS1100-24 Switch.

Ronski

  • Moderator
  • Kitizen
  • *
  • Posts: 4300
Re: What's The Best Way To See Modem Info Through A Hardware Firewall ?.
« Reply #3 on: December 19, 2016, 12:23:04 PM »

I was wondering why you had both ports connected and couldn't get stats  ::)

I see you've made the post clearer now, or I've woken up.

Perhaps VLANS would be the way to go so long as the modem supports it. Although the DG834GT has more than one port, whether you can separate them like the HG612 I don't know.

https://wiki.openwrt.org/toh/netgear/dg834gt
Logged
Formerly restrained by ECI and ali,  now surfing along at 390/36  ;D

nallar

  • Member
  • **
  • Posts: 55
    • Smokeping
Re: What's The Best Way To See Modem Info Through A Hardware Firewall ?.
« Reply #4 on: February 11, 2017, 06:34:50 PM »

The instructions for doing this with a single LAN port on pfSense are here: https://doc.pfsense.org/index.php/Accessing_modem_from_inside_firewall

Never used smoothwall, but hopefully it allows a similar configuration.
Logged
Virgin Media cable, A&A ADSL. OPNsense router.

Dray

  • Kitizen
  • ****
  • Posts: 2361
Re: What's The Best Way To See Modem Info Through A Hardware Firewall ?.
« Reply #5 on: February 11, 2017, 07:04:29 PM »

What if you're not using PPPoE?
Logged

nallar

  • Member
  • **
  • Posts: 55
    • Smokeping
Re: What's The Best Way To See Modem Info Through A Hardware Firewall ?.
« Reply #6 on: February 11, 2017, 07:16:14 PM »

In that case there should be no special configuration needed. Did you make sure the modem's configured on its own subnet?

Example setup with multiple modems with accessible web interfaces:


WAN_CABLE is connected to an Arris cable modem on em3. The router uses DHCP and gets given a public IP address on that port. The modem's web interface is available on 192.168.100.1. As this is on another subnet, when I access that it just works(TM).

MODEM_DSL is connected to a Vigor 130 modem on port em1. The router uses DHCP and gets given a private IP address on that port. The modem's private IP address is set up at 192.168.101.1. Accessing 192.168.101.1 also works.

WAN_DSL is a PPPoE connection over port em1. The modem web interface isn't accessible over that.
Logged
Virgin Media cable, A&A ADSL. OPNsense router.

Dray

  • Kitizen
  • ****
  • Posts: 2361
Re: What's The Best Way To See Modem Info Through A Hardware Firewall ?.
« Reply #7 on: February 11, 2017, 07:31:04 PM »

Thanks for that :)
Logged

tickmike

  • Kitizen
  • ****
  • Posts: 3640
  • Yes Another Penguin !. :)
Re: What's The Best Way To See Modem Info Through A Hardware Firewall ?.
« Reply #8 on: March 06, 2017, 02:57:44 PM »

Up-dating this post for info.
After BTOR fixed my line I have got around to trying an old DG834GT modem and to see the stats through my hardware firewall (Smoothwall) I did what you do when using an HG612 * to have your modem LAN address on the same IP range as your LAN eg, 192.168.0.1/24  , so for the modem I used 192.168.0.2 and loop it to my switch.

* see  http://www.kitz.co.uk/routers/hg612unlock.htm
Logged
I have a set of 6 fixed IP's From  Eclipse  isp.BT ADSL2(G992.3) line>HG612 as a Modem, Bridge, WAN Not Bound to LAN1 or 2 + Also have FTTP (G.984) No One isp Fixed IP >Dual WAN pfSense (Hardware Firewall and routing).> Two WAN's, Ethernet LAN, DMZ LAN, Zyxel GS1100-24 Switch.
 

anything