Acces to a Firewall behind the router?

Mierscheid · March 4, 2021, 2:12pm

The instructions to access a modem (firewall is similar) in the wiki are outdated and I personally can't apply them to the current openWRT setup either.
How can I access the firewall to configure it?
IP forwarding to the Fritzbox is not necessary
A picture paints a thousand words:

TIA
Michael

iplaywithtoys · March 4, 2021, 2:16pm

From where?

That depends on the answer to the above question.

Mierscheid · March 4, 2021, 2:18pm

Oh, sorry... there is an ioBroker-PC in the LAN. My fault.

vgaetera · March 4, 2021, 2:27pm

I updated the wiki:
https://openwrt.org/docs/guide-user/network/wan/access.modem.through.nat

If the issue persists, collect the troubleshooting info:
Can't access cable modem page from LAN - #14 by vgaetera

Mierscheid · March 4, 2021, 2:42pm

Is there an option to activate an "Expert Mode"?
Thats all I can see actually.

iplaywithtoys · March 4, 2021, 2:57pm

Are you trying to reach 192.168.178.1 from the ioBroker PC in the 192.168.242.x subnet?

Mierscheid · March 4, 2021, 2:59pm

No, I don't want to either.

iplaywithtoys · March 4, 2021, 3:03pm

Then I'm at a bit of a loss. From your screenshot it looks like you're currently on the admin page for a device with the WAN IP address of 192.168.8.179, obtained via DHCP.

From your diagram, that suggests that device might be the MT300A, as its WAN interface is connected to the LAN side of the MT300N.

Are you trying to administer the MT300A, or are you trying to connect to the MT300N at 192.168.8.1 ?

Mierscheid · March 4, 2021, 3:08pm

I am trying to administrate the Device "Firewall" (MT300N) connected at the WAN-Port of "SmartHome-AP" MT300A.
My luCi does not have "IP Aliases" at Interfaces --> WAN --> General Settings.

iplaywithtoys · March 4, 2021, 3:10pm

Then just stick http://192.168.8.1/ in your web browser, or ssh to root@192.168.8.1

Mierscheid · March 4, 2021, 3:17pm

That was my first thought, but the web server does not respond. But you are right... ssh works. Don't know, whats happened to luCi on the "Firewall".

I am so sorry to have wasted your time.
I'll see what the problem with the device is.
Thanks al lot!

iplaywithtoys · March 4, 2021, 3:20pm

Many things could be stopping Luci from responding. uhttpd might not be running. It might be listening on a different port. It might be listening on a different IP address. There might be a firewall rule between you and the target which intercepts the traffic. Those are just four possible examples; there are more.

But, as long as you can get onto the command line, you should be able to troubleshoot. From experience, the MT300N should have enough spare storage to install some extra packages (I have both an MT300N v1 and MT300N v2). You might find tcpdump to be useful, depending on what your investigations reveal.

iplaywithtoys · March 4, 2021, 3:22pm

It's not a waste of time. Something I've seen many times in my day job is that sometimes it just needs another pair of eyes. Everyone overlooks the supposedly "obvious" stuff occasionally. Don't sweat it.

system · March 14, 2021, 3:23pm

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.