On 12/16/20 1:21 PM, Paul Elliott wrote: > On Wed, 2020-12-16 at 13:31 +0000, Simon Hobson wrote: >> Sam <shorew...@net153.net> wrote: >> >>> Usually you can just add an addition IP alias to the external nic. >>> Something like: ifconfig eth1:1 192.168.100.6 up >>> >>> "eth1" here is the external nic and the ":1" is the alias number. >> I'd agree that this sounds like a likely fix - but the OP hasn't said >> yet how he actually connects to the internet. Does he use an RFC1918 >> address because the modem is already doing NAT, or does he have a >> public IP and the modem is transparent ? >> > The modem is transparent, the external IP is given to the external > interface on the firewall via DHCP. Somehow via magic the cable modem > also listens (on http) on 192.168.100.1 - as others have pointed out > though, I think this is only via the 'internal' network. > > If I just connect a laptop to the modem via direct cable then I have no > issues hitting the status page, however this is obviously not something > I want to do often. > >> BTW, the modern (as in, for the last decade or two) method is to use >> "ip" for this. ip replaces a number of separate tools. >> ip addr add 192.168.100.6/24 dev eth1 >> >> "ip addr" or "ip addr dev eth<n>" will show you the currently >> assigned addresses. "ip route" will show (and add/delete) routes. >> Etc. >> >> Simon >> > > Indeed - the server is Ubuntu 20.04 thus ifconfig and ifupdown are a > thing of the past, and I also have to deal with netplan (the less said > about this the better). > > I will attempt the extra ip binding when I have a moment where breakage > is not a critical matter (several people working from this house, so I > am now a sysadmin as well as the day job) and report back. Thanks all > for the pointers! > > Paul. > >> >> _______________________________________________ >> Shorewall-users mailing list >> Shorewall-users@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/shorewall-users > > > > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-users
I have never had to add an extra IP to my external interface. I just route the 192.168.100.0 network out via the external interface, and the modem responds. -- Jeremy Baker <j...@mbcs.ca> GnuPGP fingerprint = EE66 AC49 E008 E09A 7A2A 0195 50EF 580B EDBB 95B6 _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
