On 12/15/2020 3:39 PM, Justin Pryzby wrote:
On Tue, Dec 15, 2020 at 11:06:34PM +0000, Paul Elliott wrote:
My cable modem sits outside the firewall (on the net NIC) on the IP
address 192.168.100.1, and with my current setup I cannot connect to
it, either from the internal network or the firewall. I would like to
do this in order to be able to see its status page.
If the modem is supplied by your ISP, there's a possibility that they
have disabled customer access to that page. I know the ISP I use stops
customer's accessing.
You need to add an address on the (a) interface that's on the same subnet as
the cablemodem. If the server has a public IP (probably if the cablemodem is
in "bridging" mode), then you probably need a *second*, private address on that
interface, to connect to the cablemodem on its *internal* IP (because it
probably won't accept management connections from the big bad WAN port).
You'll want an ./masq entry to use that internal address when talking to the
modem. You can check that's working using tcpdump -nni 'host cablemodem'.
If you used a multi-ISP setup, you'd also have to add that IP to the
route_rules.
I am presuming here that I would need to setup another zone in order to
allow routing, but then I don't have another NIC to bind this to, so I
am confused. Can anyone point me in the right direction here? I hope I
have provided enough information.
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
