Hi

I think the topic name is self explainable, I have the following configuration:

ISP -> ADSL Billion 711 CE Bridged Mode -> WL-500g PPPoE -> Private Network

The management IP of the modem is: 192.168.2.254 and my private network is 192.168.1.0. But I cannot access to the web management page.

I tried to setup an IPv4 192.168.2.1 IP on eth1 at the router, and I started to ping the modem, although I'm not able to do so using any 192.168.1.X address.

My thought was, routes: so I set up a route in the modem so that all traffic to network 192.168.1.0 would go to the LAN interface. It didn't work.

My guess: NAT alied to PPPoE is screwing everything, sending all traffic to the ppp0 interface. I cannot confirm it since I don't have tcpdump or so in the asus.

Does anyone have a clue ?

Firmware in use: 1.9.2.7-6b

Thanks for any help
Nuno

Ok...

I found it out.

Here's the solution:


ifconfig eth1 192.168.2.1 netmask 255.255.255.0
iptables -t nat -I POSTROUTING -o eth1 -d 192.168.2.0/24 -j SNAT --to-source 192.168.2.1

Adapt this code at your needs.. :)

However there's still one problem, whenever PPPoE is restarted the iptables rule has to be set again, is there any way to load it with the other rules when restarting the PPPoE connection?

Nuno

What ip address did you enter to access the modem?

Has anyone else done this?

LK

Has anyone got any info on this?

LK

My modem is configured with IP: 192.168.2.254 .

Here http://oleg.wl500g.info/#tips you'll find what you need to have the firewall rules to be properly setup whenever PPPoE restarts.

Hope this helps.

Nuno

Thanks njs!

I'll try that tonight.

Cheers,
LK.

Ok set my modems address to 192.168.2.254 for sake of simplicity.

My router is 192.168.1.1

So far,
192.168.2.254 times out.
192.168.2.1 goes to the router homepage:confused:
192.168.1.1 goes again to the router homepage:confused: :confused:

Any ideas?

Thanks,
LK.

Can you post here your interfaces configuration ? (ifconfig) and iptables -L -t nat ?

Regards,
Nuno

/usr/local/sbin/post-firewall


#!/bin/sh
ifconfig eth1 192.168.2.1 netmask 255.255.255.0
iptables -t nat -I POSTROUTING -o eth1 -d 192.168.2.0/24 -j SNAT --to-source 192.168.2.1

er.. sorry.

Please post here the output of the ifconfig and iptables -L -t nat

What is your router model ?

Nuno

Sorry Nuno my mistake:



[root@wl500gx root]$ ifconfig
br0 Link encap:Ethernet HWaddr 00:11:D8:97:DE:EF
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::211:d8ff:fe97:deef/10 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:30412 errors:0 dropped:0 overruns:0 frame:0
TX packets:86745 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:5178543 (4.9 MiB) TX bytes:52190146 (49.7 MiB)

eth0 Link encap:Ethernet HWaddr 00:11:D8:97:DE:EF
inet6 addr: fe80::211:d8ff:fe97:deef/10 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:52903 errors:0 dropped:0 overruns:0 frame:0
TX packets:131513 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:33357101 (31.8 MiB) TX bytes:27153288 (25.8 MiB)
Interrupt:4 Base address:0x1000

eth1 Link encap:Ethernet HWaddr 00:11:D8:97:DE:EF
inet addr:192.168.2.1 Bcast:192.168.2.255 Mask:255.255.255.0
inet6 addr: fe80::211:d8ff:fe97:deef/10 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:30368 errors:0 dropped:0 overruns:0 frame:4572
TX packets:128371 errors:106 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:5600645 (5.3 MiB) TX bytes:56411815 (53.7 MiB)
Interrupt:2 Base address:0x4000

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MULTICAST MTU:16436 Metric:1
RX packets:99264 errors:0 dropped:0 overruns:0 frame:0
TX packets:99264 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:8515880 (8.1 MiB) TX bytes:8515880 (8.1 MiB)

ppp0 Link encap:Point-Point Protocol
inet addr:194.125.97.239 P-t-P:193.95.142.243 Mask:255.255.255.255
UP POINTOPOINT RUNNING MULTICAST MTU:1492 Metric:1
RX packets:22030 errors:0 dropped:0 overruns:0 frame:0
TX packets:15205 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:19886995 (18.9 MiB) TX bytes:3188731 (3.0 MiB)

vlan0 Link encap:Ethernet HWaddr 00:11:D8:97:DE:EF
inet6 addr: fe80::211:d8ff:fe97:deef/10 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:88578 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:20969935 (19.9 MiB)

vlan1 Link encap:Ethernet HWaddr 00:11:D8:97:DE:EF
inet6 addr: fe80::211:d8ff:fe97:deef/10 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:52903 errors:0 dropped:0 overruns:0 frame:0
TX packets:42932 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:32404847 (30.9 MiB) TX bytes:6183135 (5.8 MiB)





[root@wl500gx root]$ iptables -L -t nat
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
VSERVER all -- anywhere 194.125.97.239
NETMAP udp -- anywhere 194.125.97.239 udp spt:6112 192.168.1.0/24

Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
SNAT all -- anywhere 192.168.2.0/24 to:192.168.2.1
NETMAP udp -- 192.168.1.0/24 anywhere udp dpt:6112 194.125.97.239/32
MASQUERADE all -- !194.125.97.239 anywhere
MASQUERADE all -- 192.168.1.0/24 192.168.1.0/24

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain VSERVER (1 references)
target prot opt source destination
DNAT tcp -- anywhere anywhere tcp dpt:53062 to:192.168.1.186:53062
DNAT udp -- anywhere anywhere udp dpt:3074 to:192.168.1.2:3074



I have a wl500gx Deluxe with 1.9.2.7-7e

LK

Maybe it doesn't work because that's a wl-500g deluxe and the interfaces configuration are slightly different.

I think that the script will have to be modified in order to reflect the interfaces architecture of wl-500g deluxe.

Sorry but I don't know how to help.

Nuno

For it to work on the wl500 deluxe change eth1 to vlan1 on those two lines and voila...


Tried & tested :)