BadtzMaru
join:2001-12-06
Cleveland, OH
1 edit | Modem GUI w/ Router - ISO Definitive Answer
This is really bugging me. I can't seem to set up my network to get into my 5100b's GUI unless I am connected to the modem directly. Here's what I've tried so far:
Setup A
~~~~~~~
Modem
=====
Keep PPPoE on the modem
Set up modem to "Connect on demand"
Set up modem's connection timeout to "0"
Enter PPPoE Username and Password
Everything else is left at their defaults
Router
======
DHCP
inet addr:192.168.100.1
Bcast:192.168.255.255
Mask:255.255.0.0
Setup B
~~~~~~~
Modem
=====
[Same as Setup A]
Router
======
DHCP
inet addr:192.168.1.1
Bcast:192.168.255.255
Mask:255.255.0.0
Setup C
~~~~~~~
Modem
=====
Bridge Modem
Everything else is left at their defaults
Router
======
PPPoE
inet addr:192.168.1.1
Bcast:192.168.255.255
Mask:255.255.0.0
With Setups A and B, I cannot get in to the modem's GUI whatsoever. I can connect to to outside world for a few moments, but if I reset my router or reestablish PPPoE, my connection goes totally dead. After the connection dies, I can't even get back into the modem with a direct connection. A hard reset of the modem is required.
Setup C is how I usually have everything configured, except for the subnet mask is usually 255.255.255.0 -- when bridging the modem, the GUI states that I should still be able to access it if I keep the router's network in the 192.168.x.x range and set the subnet mask to 255.255.0.0, which I have done.
Being able to access the modem's GUI would be especially convenient right now as I have recently cleaned up my internal wiring and would like be able to observe the statistics and whatnot. Obviously I either have a modem that refuses to play nicely with routers (unless, of course, the router itself is doing the PPPoE), or I have missed something. Any information, tips or otherwise would be very enlightening. |
|
RadioDoc
58ef2c0
Premium,ExMod 2000-03
join:2000-05-11
 ·AT&T Midwest
| A subnet mask of 255.255.0.0 in this case means that the LAN segment is 192.168.x.x, which therefore means your Setup A and Setup B are essentially the same thing to the router. The modem is at 192.168.0.1, and your router is (rightly) keeping traffic destined to the modem (on it's WAN side) on the LAN side of things. Setup C avoids the problem IF the subnet mask is 255.255.255.0, because the modem (at 192.168.0.1) is on a different subnet than your LAN at 192.168.1.x.
Problem is, the modem wants to be on a 255.255.0.0 subnet.
Can you change the router to a 10.0.x.x or other numbering scheme so the subnets don't overlap? That should take care of this. |
|
BadtzMaru
join:2001-12-06
Cleveland, OH
1 edit | If the modem's subnet didn't overlap with that of the router, wouldn't that make it entirely impossible to access the modem's GUI from a node on the LAN?
EDIT: Sorry -- I just realized that you may have misunderstood my post. Setups A,B and C are and have never been in use at the same time. These are just different configurations I have tried in my quest to be able to get into the modem from behind a router. |
|
nwrickert
sand groper
Premium,MVM
join:2004-09-04
Geneva, IL
·AT&T Midwest
| Set the LAN subnet mask to 255.255.255.0, and otherwise use setup A. That ought to work. As RadioDoc  indicated, it is the subnet mask on the LAN side that is causing your problem. The modem use a subnet mask of 255.255.0.0, but that's on the WAN side of your router, so should not be a problem. |
|
BadtzMaru
join:2001-12-06
Cleveland, OH
| As far as being able to get into the modem's GUI from behind a router, Setup A does not work, and neither does Setup C when I use 255.255.255.0 as the subnet mask for the LAN. Sounds like you've been able to do this successfully. If you have a moment, please post your network config, including how you have your modem setup, and I'll try and duplicate it here. I'm starting to think that I have a bad modem. |
|
gdm
Premium,MVM
join:2001-06-15
Mchenry, IL
clubs:
 ·AT&T U-Verse
 ·AT&T CallVantage
·Comcast Digital Vo..
 ·Comcast
| This is how 5100b and router should be setup so you can access both.
5100b is doing pppoe off course.
Your router should have a LAN IP of 192.168.1.1 and subnet of 255.255.255.0 and set to DHCP mode.
Then once that is done hit apply/save on the router and reboot your machines if they are being DHCP'd from the router.
I had this setup for 18 months and it worked flawlessly. |
|
RadioDoc
58ef2c0
Premium,ExMod 2000-03
join:2000-05-11
·AT&T Midwest
1 edit | reply to BadtzMaru
No I think I got it right the the first time. The issue is mostly one of what IP address the modem is handing out to the router's WAN port, and how your router handles having the same address segment(s) on each interface. Normally, the modem gives out 192.168.1.64/255.255.0.0, which is going to cause problems if 192.168.(0,1).x is on the LAN side of things and something gets an 192.168.1.64 or 192.168.0.1 address.
SO, try this...
•Let the modem do the PPPoE thing...
•Set the router to 192.168.2(or higher).1/255.255.255.0
•Set the WAN side of the router to "obtain address automatically" via DHCP, or to 168.192.1.64 (that's what it's going to get anyway)/255.255.0.0. If you set a static WAN side address be sure to enter DNS server info at the computers.
Sigh... That's what I get for answering the phone in the middle of posting.
|
|
BadtzMaru
join:2001-12-06
Cleveland, OH
| Funniest thing. I followed gdm 's advice. And it worked -- all this time, I'd been setting up my LAN to use 255.255.0.0 to try to get it to overlap with the subnet of my modem, which is actually attached to the WAN NIC of my router. How foolish! Setting the LAN subnet mask back to 255.255.255.0 did the trick. So, for anyone else who stumbles upon this, here's how everything needs to be set:
On the modem, all that needs to be changed from its defaults are the following items in Advanced>Connection Configuration page -- User ID and Password (of course), Connection Type: Connect on demand, and Connection Timeout: 0 [displayed as "Never"] -- the modem will need to be restarted after these changes:
On the router, use DHCP, IP address: 192.168.1.1 (although anything in 192.168.x.x should work), Subnet Mask: 255.255.255.0 (NOT 255.255.0.0). |
|
BadtzMaru
join:2001-12-06
Cleveland, OH
| reply to RadioDoc
said by RadioDoc :No I think I got it right the the first time. The issue is mostly one of what IP address the modem is handing out to the router's WAN port, and how your router handles having the same address segment(s) on each interface. But by default, the modem gives anything behind it a public IP address -- and this is a good thing since it avoids having to deal with double-NAT.
root@smoothwall~# ifconfig
eth0 Link encap:Ethernet HWaddr 0?:?0:2?:16:?B:?9
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:108914 errors:0 dropped:0 overruns:0 frame:0
TX packets:80639 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:86616849 (82.6 Mb) TX bytes:27983129 (26.6 Mb)
Interrupt:9 Base address:0x8000
eth1 Link encap:Ethernet HWaddr 00:A0:CC:28:C5:09
inet addr:68.255.???.??? Bcast:68.255.???.??? Mask:255.255.255.0
UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
RX packets:74586 errors:2 dropped:0 overruns:0 frame:0
TX packets:106498 errors:1 dropped:0 overruns:0 carrier:1
collisions:0 txqueuelen:1000
RX bytes:19365573 (18.4 Mb) TX bytes:86529362 (82.5 Mb)
Interrupt:11 Base address:0xd800
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:127 errors:0 dropped:0 overruns:0 frame:0
TX packets:127 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:13051 (12.7 Kb) TX bytes:13051 (12.7 Kb) |
|
gdm
Premium,MVM
join:2001-06-15
Mchenry, IL
clubs: | reply to BadtzMaru
One thing under advanced---connection type set that to always attempt to connect on the modem. |
|
BadtzMaru
join:2001-12-06
Cleveland, OH | Got it. Interestingly, I had to reboot my router to apply the change network-wide. What's the advantage of "Always attempt to connect" vs. "Connect on demand" with a zero timeout? |
|
RadioDoc
58ef2c0
Premium,ExMod 2000-03
join:2000-05-11
·AT&T Midwest
| reply to BadtzMaru
Yep. That's true. But it will still cause trouble if you try to overlap it's 192.168.0.x subnet regardless of what your router gets on it's WAN interface. That's how you get to the admin interface, and if your router thinks it's a LAN address it won't pass it to the modem.
Double-NAT isn't much of a problem on this modem since it passes everything through, sort of like a DMZ situation.
In any event, glad to hear you figured it out. |
|
gdm
Premium,MVM
join:2001-06-15
Mchenry, IL
clubs: | reply to BadtzMaru
always attempt to connect means it will be on 24/7 unless there is an outage, maintenance, etc.
Connect on demand means it will connect when you need the internet. |
|
BadtzMaru
join:2001-12-06
Cleveland, OH
| Seems like a fine line. On one hand, it will "always attempt to connect" regardless of what's going on on the inside, while on the other hand, it will attempt to connect (only) when it senses a packet directed to the outside world, and never disconnect. I guess the former is better if one's interested in obtaining an always on connection. |
|
gdm
Premium,MVM
join:2001-06-15
Mchenry, IL
clubs: | Think of always attempt to connect like a bridge modem and having your router set to 'always attempt to connect'  |
|
BadtzMaru
join:2001-12-06
Cleveland, OH
4 edits | reply to BadtzMaru
Now, if only I could figure out why Snort is logging:
Date:04/08 00:02:04 Name:ICMP PING speedera
Priority:3 Type:Misc activity
IP info: 192.168.0.1:n/a -> <my.public.ip.address>:n/a
References:none found
00:25:08 eth1 - UDP
<work.public.ip.address>:17937 -> <home.public.ip.address>:1412 |
|
