Hi
I know a few people are using Draytek routers with something sat in front in bridge mode (another modem) - and a few of those have asked if it's possible to access the management IP of the modem from the internal network, without having to patch network cables from the 'dirty' side outside the router to the 'clean' internal side... Since I've moved house to somewhere 'rural' I am now running a pair of sharedband bonded modems in front of my Draytek (to give me a whopping 6M connection), here's the solution that I came up with...
Guide is based on a Draytek 2860, items may be in different locations for other models.
My network Topo:
Sharedband Modem 1 = 10.0.0.1
Sharedband Modem 2 = 10.0.0.2
Internal network = 192.168.0.0/24
Step 1. On the Draytek add a 'Wan IP Alias' under 'Internet Access', 'Wan 2', 'Details Page'. This should be in the same subnet as your external modems management addresses. In my case I used 10.0.0.3.
Step 2. Go to 'Load Balance / Route Policy'. Create a new entry:
Protocol = Any
Source IP = Any
Destination IP = Destination IP range = The management IP address of your *first* Modem (10.0.0.1).
Destination Port = Any
Send via If Criteria Matched:
Interface = Wan2 (or whichever ethernet interface your traffic is routed via)
Next field should let you select an IP address - pick the one that you defined as your 'Wan IP Alias' earlier.
Gateway = Specific Gateway. Choose the IP address of the management port of your modem (10.0.0.1).
Save the rule.
If you have more than one external modem, you need to repeat the process for each, creating a separate 'Load Balance / Route Policy' rule for each with the relevant management IPs.
To explain what you have done and why:
You have added an additional IP address on the outside of your Draytek, which is on the same subnet as your external modem(s). You have then set up a static route in the Draytek to send any traffic going to these addresses directly to the modem, rather to the default gateway (the internet) where it would likely be dropped. This means you should be able to access the management (web) interface on the routers, and if they support SNMP / Router Stat collection then this should work as well.
Same principles would probably also apply on other brands of routers, but execution would be different...
Hope it helps someone!
Thanks
Jon