So I have been fiddling around a bit more with my SpeedTouch 510 ADSL modem. I wanted to be able to access the internal webserver in it from my machines on the inside, i.e. those behind the firewall. The modem is on the outside. The IP of the modem is 10.0.0.138 which also makes it a bit problematic since it is not routed normally.
To start with I gave my outside network-card one more ip number, 10.0.0.1 so it would be on the same net as the modem:
ifconfig vr0 alias 10.0.0.1
vr0 is the name of my outside network interface.
Then I had to tell my firewall not to deny those packets since normally 10.0.0.0 and 192.168.0.0-nets are not routed:
add allow all from any to 10.0.0.138 via ${oif}<br />
add allow all from 10.0.0.138 to 192.168.0.0/16 via ${oif}<br />
add allow all from 10.0.0.138 to 10.0.0.0/8 via ${oif}
This allowed me to telnet into the modem as well as access the webpages from my firewall machine but I wanted to use the machines that had ip like 192.168.0.3 to access teh webserver as well. The problem is that the modem doesnt know where these machines are so I had to tell it where to route traffic for the 192.168.0.0 net.
ip rtadd dst=192.168.0.0/16 gateway=10.0.0.1
So now it works when the modem sends the traffic to my firwall that routes it correctly to my PC and such.
Hi Kalle,
I just received my SpeedTouch 510i ADSL MODEM (ISDN). I want to do the same you described, but I can’t exdcute those commands (I use the telnet interface). I have a couple of questions:
1. From which prompt (group) do I have to execute the command: “ifconfig vr0 alias 10.0.0.1”?
2. I guess the next four CLI-commands are from within the firewall group? But I can’t find those commands in the manual?!
The last command I can find in the manual (I can’t find the “alias” in the manual either). I’m a total beginner in this area, so I hope you can shed some light on this subject for me.
TIA, cu,
Robert
Hi,
The ifconfig command is on my “FreeBSD”:http://www.yelloworb.com/freebsd/ machine which also runs the firewall(IPFW) so those commands I have in the config file. So the above instructions is mainly for how to access the Modem from the machine it is connected too. What is your configuration of machines?
Hi,
Ah, dat makes things more clear (sort of).
I thought you executed those commands on the SpeedTouch itself through the CLI of the MODEM.
Well, I’m running a Windows-shop. I Have the SpeedTouch, which is connected to a Sweex router. My LAN is connected to the Sweex (a leftover from my cable MODEM days).
I know the SpeedTouch can replace the Sweex (apart form the switch-part, obviously), but I’m still trying to make this work more or less as an experiment … I’m learning form the experience, anyway (I still have my cable connection till August, so if somethings goes terriby wrong … no worries 😉
I probably should have read more of your blog, to learn more of your setup, but most of it is in a language I don’t know 😉
Anyway, I’m going to look for a some Linux documentation and try to decipher what you’ve done. Maybe I than can figure out if something like you did can work for me.
Cu,
Robert
Most of the stuff I do with computers I try to write in english since I know others, like you, might find it. The other parts is kind of randomly english and swedish. The blog is mainly for keeping things I want to remember which I would most likely forget:-) The FreeBSD blog is all in english though.
I also have the 510. I am trying to figure out a way to get to the webserver from work. The 510 is at home. Any clues as to what firewall settings etc. need to be modified. I don’t even know where to start with this.
Hi there, I also have the 510 modem router (v4). I have no trouble using my mac as an internal webserver, and also as a fully fledged mail server using dyndns.
The problem comes with making the webserve accessible to the outside world, as you will see from the URL link i’ve provided.
The 2nd issue is that when I try the link myself form internal, i just get the speedtouch 510!!!!
Do you have any idea how i can get around this?
the URL is:
http://peternicholls.dyndns.org
Thanks
Hi,
both Tom and Peter, what you are looking for is something completely different from what I have done. Since you(guessing here) got your 510 acting as a router and a dhcp server, giving several machines behind it access to the internet, you need to setup NAT to make those machines accessible for the outside world.
Basically what you do with NAT is that you tell the 510 when someone tries to connect on port 80(the web port) that traffic should be forwarded to an internal machine with an internal IP(usually something like 192.168.x.x or 10.x.x.x). Guessing the later for Peter since you see the 510 webserver. Hope it gives you a bit better idea of what to do, and search for.
I forgot admin password. How can I get it from modems config file without reset to factory defaults?
Please contact me if you know something about it.
knoxwille@gmail.com
knx.