Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 7 replies
  • Subscribers 28 subscribers
  • Views 11759 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Access admin web GUI for an LTE modem in bridge mode?

dma0

Hi there. I have a backup LTE modem that has been set up in bridge mode (so that XG sees the public IP address of the modem). I did the initial set up by attaching it directly to a computer. I also changed the "internal" IP address of the modem to 10.0.10.250. I selected that IP address as it's an unused address on my management VLAN (10.0.10.0/24). When connected directly to my PC and my PC is manually assigned a 10.0.10.X IP address, all works swimmingly - internet access works just fine and I can access the web GUI to manage the modem.

What I can't seem to figure out is how to enable access to the web GUI once deployed to the XG. Internet connectivity works just fine, but I can't figure out a way to access the web GUI. I've searched through the forums, but while there were a few posts on how to do this in UTM, there didn't seem to be any for XG. This post seemed to be the most helpful, but I can't quite figure out how to implement in XG.

Initially, I tried setting up a static route (under Configure/Routing/Static Routing) by setting Destination to 10.0.10.250/32 and Interface to Port 3, the LTE modem (which shows its public IP address), but wasn't quite sure what to set for Gateway. XG requires the Gateway to be in the same network as the Interface, so I'm a bit perplexed as to what to set the Gateway to.

I also tried creating a Business Application Rule, selecting the DNA/Full NAT/Load Balancing Template and set the Source Zone to the Management VLAN, Allowed Client Networks to Any, but then got stuck as I wasn't sure how to the Destination & Service and Forward to. Just purely guessing, I set Destination to Port 3 (the LTE modem showing the external IP) and Forward to as 10.0.10.250 (the IP address set in the modem to access the admin gui), which didn't work. Nor did swapping them - i.e. setting Destination to 10.0.20.250 and Forward to public IP address of the modem.

Any suggestions would be most appreciated.



This thread was automatically locked due to age.
Parents
  • 0

    I have come across a similar situation, although may not be the same.

    I used a standard LTE Modem on another router, which used a Dymanic Public IP address, which could not be accessed externally (e.g. from the public internet), I found this to be related to the way that LTE modem (not assigned a Static Public IP) was assigned an IP addressed by the provider, the IP address from the Mobile provider that did not allow external access..at all

    The only way I got around this was to get LTE SIM card (from Vodafone at the time they were the only one to supply such a beast) that provided static Public (although this is really a 1 to 1 NAT to a private IP). note this does give problems to VPN connections .. lol

    I also noted that the private IP also stopped access when using 2 LTE devices side by side on the same device (a bit like the option in WiFi for Client Isolation).

     

    I hope this explanation helps.. let me know

  • 0 in reply to Argo

    Jason - thanks very much for your thoughts. However, I think you were dealing with a somewhat different issue. I perhaps didn't explain what I was trying to do as clearly as I should have: I'm not trying to enable inbound access from the internet into my LAN through the LTE modem (at least not at present). Rather, what I'm trying to do is to access the admin web GUI of the modem itself (to change the configuration, update firmware, look at statistics, etc.) from the LAN. I don't want or need to access the admin web GUI from the internet - in fact if anything I'd like to be able to disable any such access.

  • 0 in reply to dma0

    my mistake, although setting this LTE modem in bridge mode would not allow you to do this, as any device in bridge mode would remove this option.

    I tried to do this on a LTE Router/Modem, a "globetrotter" (I think).

    more thoughts ... I have a Draytek 2860 in bridge mode and I must connect to the device directly before being able to update the firmware or make any change to the profile of the Modem.

    although in theory if I had another LAN interface on my FW, I could set it up the access the IP Address internally, but as I said this is just theory, as I don't have another outward facing interface.

  • +1 in reply to dma0

     I think you were on the right track in your first post about using static routes. I have 2 sites that I do the exact same thing with. One is a modem only and cannot do any kind of NAT. It just passes the public ip to the XG. The other is a gateway that is in bridge mode like your lte modem. 

     

    This is the screenshot from the one that is just a modem and cannot do NAT. For this one, the static route points straight to the modems ip and no gateway was needed. Only the port.

     

    This is the screenshot from the one that is a router in bridge mode. The static route for it is the subnet of the router and the gateway is the public ip gateway for the ISP. The port is the interface for the router with the usable public ip. Hope this helps. Every ISP router is a little different but hopefully you can try a combination of the 2 to get it working for you.

  • 0 in reply to MichaelBolton

    Michael - thank you very much for this information. The first option managed to do the trick for me. I admittedly feel like a bit of a dumbass - didn't even occur to me to just omit the gateway. Thanks again!

Reply Children