On Tue, Dec 15, 2020 at 11:06:34PM +0000, Paul Elliott wrote:
> My cable modem sits outside the firewall (on the net NIC) on the IP
> address 192.168.100.1, and with my current setup I cannot connect to
> it, either from the internal network or the firewall. I would like to
> do this in order to be able to see its status page.

You need to add an address on the (a) interface that's on the same subnet as
the cablemodem.  If the server has a public IP (probably if the cablemodem is
in "bridging" mode), then you probably need a *second*, private address on that
interface, to connect to the cablemodem on its *internal* IP (because it
probably won't accept management connections from the big bad WAN port).

You'll want an ./masq entry to use that internal address when talking to the
modem.  You can check that's working using tcpdump -nni <interface> 'host cablemodem'.

If you used a multi-ISP setup, you'd also have to add that IP to the
route_rules.

> I am presuming here that I would need to set up another zone in order to
> allow routing, but then I don't have another NIC to bind this to, so I
> am confused. Can anyone point me in the right direction here? I hope I
> have provided enough information.

-- 
Justin


_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
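
The steps in the reply above, as an added example (not from the original thread or the Shorewall project): a dry-run helper that prints the secondary address to add, the masq line, and the tcpdump check, without changing the system. The interface name eth0, the LAN 192.168.1.0/24, the spare address 192.168.100.2 and the public address 203.0.113.10 are assumed sample values, and the masq columns (INTERFACE:DEST, SOURCE, ADDRESS) are taken from shorewall-masq(5).

```shell
#!/bin/sh
# Dry run only: prints what to configure, changes nothing.

# Dotted quad -> 32-bit integer (runs in a subshell so IFS stays local).
ip2int() (
  IFS=.
  set -- $1
  echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

# in_subnet IP NET_MEMBER PREFIX: true if both addresses share the /PREFIX.
in_subnet() (
  mask=$(( (4294967295 << (32 - $3)) & 4294967295 ))
  [ $(( $(ip2int "$1") & mask )) -eq $(( $(ip2int "$2") & mask )) ]
)

# modem_plan WAN_IF MODEM_IP PREFIX LAN_NET SPARE_ADDR [addresses already on WAN_IF]
modem_plan() (
  wan=$1 modem=$2 prefix=$3 lan=$4 spare=$5
  shift 5
  # The spare address must sit in the modem's subnet and must not be the modem.
  in_subnet "$spare" "$modem" "$prefix" && [ "$spare" != "$modem" ] || {
    echo "spare address $spare is not usable in the modem's /$prefix" >&2
    exit 1
  }
  src=
  for a in "$@"; do
    # Reuse an address already in the modem's subnet (the non-bridged case).
    if in_subnet "$a" "$modem" "$prefix"; then src=$a; break; fi
  done
  if [ -z "$src" ]; then
    # Only a public address is present: add a second, private one.
    src=$spare
    echo "ip addr add $src/$prefix dev $wan"
  fi
  # masq entry: SNAT LAN traffic bound for the modem to the private address.
  echo "masq: $wan:$modem $lan $src"
  # Verification: replies from the modem should target $src.
  echo "tcpdump -nni $wan host $modem"
)

# Constructed sample: bridged modem, firewall holds only a public address.
modem_plan eth0 192.168.100.1 24 192.168.1.0/24 192.168.100.2 203.0.113.10
```

An address added with `ip addr add` is lost on reboot, so it also needs to go into the distribution's network configuration.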
