Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 6 replies
  • Answers 1 answer
  • Subscribers 5 subscribers
  • Views 11233 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Access Modem webpage through UTM

RickAlderson

I cannot access my cable modem webpage from my network.  Internet access works fine.

My network is set up as follows:

internet -> cable modem -> external NIC -> UTM -> internal NIC -> switch -> LAN

My ISP provider tells me that the IP address for the modem should be 192.168.100.1

The external interface gets an IP from the ISP via DHCP (Type: Ethernet, Dynamic IPv2 checked, Default GW checked).

The internal interface is 192.168.5.1/24.

When trying to access the modem webpage at 192.168.100.1, the Firewall Live Log shows default drops for external IP adresses going to my internet IP address.

I have tried adding in an Additional Address of 192.168.100.1/24 on the external interface, and then when I try and connect the Firewall Live Log shows default drops for my client (192.168.5.50) to 192.168.100.1

The only firewall rule I have in place is Internal Network -> Any -> Any.  I have tried adding in various firewall rules, but the connection still gets blocked.

Anyone have any ideas?

Thanks



This thread was automatically locked due to age.
Parents
  • 0

    The issue being the cable modem is not able to intercept an IP address that way. You need to create a secondary interface on the external NIC using the address range of your modem.

    You will then need a rule for that interface and a NAT rule as well. The rule will need to be top of the list and very explicit so that you don't try and send other traffic to that destination.

    Forgot, if you are using the webproxy you will need a site bypass addition for that destination address.

    Ian

  • 0 in reply to rfcat_vk

    Ian

    Thanks for your response.

    Unless I am doing something wrong, you can't add another interface on the external nic - you get an error "Interface type requires exclusive access to the network interface".  I thought the way was to set up an Additional Address as per my OP?

    Aanway, I have tried again with a Firewall rule of: Any -> Any -> External Wan modem (i.e. the Additional Address of 192.168.100.1), but it is still blocked.

    Also I am not sure on what you mean for the NAT rule.  I know some cable modems restrict access to devices on the same subnet, but I dont think that is what is going on here due to the firewall logs.  In any case adding a SNAT rule of: Internal (network) -> Any -> External (Wan) [Modem] (address) with Source translation to 192.168.100.2 doesn't make any difference.


    Web filtering and Intrusion prevention are off.

    Thanks

Reply
  • 0 in reply to rfcat_vk

    Ian

    Thanks for your response.

    Unless I am doing something wrong, you can't add another interface on the external nic - you get an error "Interface type requires exclusive access to the network interface".  I thought the way was to set up an Additional Address as per my OP?

    Aanway, I have tried again with a Firewall rule of: Any -> Any -> External Wan modem (i.e. the Additional Address of 192.168.100.1), but it is still blocked.

    Also I am not sure on what you mean for the NAT rule.  I know some cable modems restrict access to devices on the same subnet, but I dont think that is what is going on here due to the firewall logs.  In any case adding a SNAT rule of: Internal (network) -> Any -> External (Wan) [Modem] (address) with Source translation to 192.168.100.2 doesn't make any difference.


    Web filtering and Intrusion prevention are off.

    Thanks

Children