Can't access cable modem page from LAN, on a Arris CM8200A

uci add_list bcp38.@bcp38[0].nomatch="192.168.100.0/24"
uci commit bcp38
/etc/init.d/bcp38 restart
/etc/init.d/firewall restart
3 Likes

Nope... It even occurred to me that my running BCP38, which is not stock, might have something to do with it, flipped the Luci interface "enable" box back off, didn't work.

And, ran your uci commands... nope, still going to the router page instead of the modem.

Well, that was interesting... slipped and mis entered a line there, completely lost the router. No communication at all.. Internet was down for the house, and I was lucky to have an old SD disk laying next to the router, which I was able to plug in and get the router back relatively fast, or there would have been household discord! Running 19.07.05 now, same problem... also have BCP38 running on that one.

This is very strange, from what little I know, it should be easy... I had first tried doing a static route, and found a bit online about that. Didn't understand that very well either, so I was just reading and trying things... and had no success.

Guess I have to start truly educating myself on basic Linux Networking again... think I have some 20yr old books I could dust off...

# OpenWrt
opkg update
opkg install tcpdump
tcpdump -evni any tcp port 80

# PC
curl -v 192.168.100.1
nmap -sV -p 80 192.168.100.1

Uh, it's late and I'm getting confused. SSH into OpenWrt, got tcpdump running, went back and banged on the 192.168.100.2 with the browser a few times. Got lots of traffic, but I don't have curl available on OpenWrt and have a Win10 box on the other end and don't seem to have it there, where I can use it. Seems to be in the Win command line, but i'm using Ktty to ssh into the router. Just eyeballing it, I dont' see any traffic with that IP. Oddly, I did hanve a smart switch in line, that took it's own IP, , thought maybe it's doing something to stuff it shouldnt, plugged the pc into the dumb switch at the router egress... No difference but I'm still seeing traffic to and from 192.168.10.1. edit: that should be 192.168.1.10

Really confused now, will do some reading in to tcpdump use... this is my first time...

'00:19:55.759869 Out 00:01:2e:83:5a:da ethertype IPv4 (0x0800), length 108: (tos 0x0, ttl 64, id 20893, offset 0, flags [DF], proto TCP (6), length 92)
    192.168.100.2.80 > 192.168.1.10.59146: Flags [P.], cksum 0xe6ab (incorrect -> 0xd3bd), seq 1:53, ack 335, win 237, length 52: HTTP, length: 52
        HTTP/1.1 307 Temporary Redirect
        Connection: close

OK, well, that didn't format very well... Just dropped a huge text paste into an editor, and searched around. There's other stuff, but this is who it's being pointed at. The interesting thing is, that's my smart switch. That also is not there at the moment. It's the address that should be where it's web interface is, moved so it won't conflict with the 192.168.1.1 that the router is on. Somehow, there has to be some cross connection there.. I see 193.168.1.10 in the Routes table, but never have seen a 192.168.100.x.
Hope those are some clues. I'll figure out or just make a collection of everything with the modem IP on it, tomorrow. Hope this has a clue or two for you.

    192.168.1.10.59146 > 192.168.100.2.80: Flags [S], cksum 0x1418 (correct), seq 1113870315, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
    192.168.1.10.59146 > 192.168.100.2.80: Flags [S], cksum 0x1418 (correct), seq 1113870315, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
    192.168.100.2.80 > 192.168.1.10.59146: Flags [S.], cksum 0xe683 (incorrect -> 0x41e0), seq 2291651184, ack 1113870316, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    192.168.100.2.80 > 192.168.1.10.59146: Flags [S.], cksum 0x41e0 (correct), seq 2291651184, ack 1113870316, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    192.168.1.10.59146 > 192.168.100.2.80: Flags [.], cksum 0xd4ae (correct), ack 1, win 8212, length 0
    192.168.1.10.59146 > 192.168.100.2.80: Flags [.], cksum 0xd4ae (correct), ack 1, win 8212, length 0
    192.168.1.10.59146 > 192.168.100.2.80: Flags [P.], cksum 0xedf9 (correct), seq 1:335, ack 1, win 8212, length 334: HTTP, length: 334
        Host: 192.168.100.2
    192.168.1.10.59146 > 192.168.100.2.80: Flags [P.], cksum 0xedf9 (correct), seq 1:335, ack 1, win 8212, length 334: HTTP, length: 334
        Host: 192.168.100.2
    192.168.100.2.80 > 192.168.1.10.59146: Flags [P.], cksum 0xe6ab (incorrect -> 0xd3bd), seq 1:53, ack 335, win 237, length 52: HTTP, length: 52
    192.168.100.2.80 > 192.168.1.10.59146: Flags [P.], cksum 0xd3bd (correct), seq 1:53, ack 335, win 237, length 52: HTTP, length: 52
    192.168.100.2.80 > 192.168.1.10.59146: Flags [FP.], cksum 0xe69b (incorrect -> 0x2aa2), seq 53:89, ack 335, win 237, length 36: HTTP
    192.168.100.2.80 > 192.168.1.10.59146: Flags [FP.], cksum 0x2aa2 (correct), seq 53:89, ack 335, win 237, length 36: HTTP
    192.168.1.10.59146 > 192.168.100.2.80: Flags [.], cksum 0xd307 (correct), ack 90, win 8212, length 0

Extra pastage...

This way you can see the original redirect location:

tcpdump -Xvni any host 192.168.100.1 and tcp port 80

Also check this:

ipset list
1 Like

Ipset list yields nothing.

Here's the tcpdump (with address correction for .2)

root@ZBOX:~# tcpdump -Xvni any host 192.168.100.2 and tcp port 80
tcpdump: listening on any, link-type LINUX_SLL (Linux cooked v1), capture size 262144 bytes
01:07:39.158440 IP (tos 0x0, ttl 128, id 58842, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.1.10.59318 > 192.168.100.2.80: Flags [S], cksum 0xd7e3 (correct), seq 270253500, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
        0x0000:  4500 0034 e5da 4000 8006 2e8c c0a8 010a  E..4..@.........
        0x0010:  c0a8 6402 e7b6 0050 101b bdbc 0000 0000  ..d....P........
        0x0020:  8002 faf0 d7e3 0000 0204 05b4 0103 0308  ................
        0x0030:  0101 0402                                ....
01:07:39.158440 IP (tos 0x0, ttl 128, id 58842, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.1.10.59318 > 192.168.100.2.80: Flags [S], cksum 0xd7e3 (correct), seq 270253500, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
        0x0000:  4500 0034 e5da 4000 8006 2e8c c0a8 010a  E..4..@.........
        0x0010:  c0a8 6402 e7b6 0050 101b bdbc 0000 0000  ..d....P........
        0x0020:  8002 faf0 d7e3 0000 0204 05b4 0103 0308  ................
        0x0030:  0101 0402                                ....
01:07:39.158673 IP (tos 0x0, ttl 127, id 58842, offset 0, flags [DF], proto TCP (6), length 52)
    x.x.247.59318 > 192.168.100.2.80: Flags [S], cksum 0x0ac4 (correct), seq 270253500, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
        0x0000:  4500 0034 e5da 4000 7f06 626c 48db 45f7  E..4..@...blH.E.
        0x0010:  c0a8 6402 e7b6 0050 101b bdbc 0000 0000  ..d....P........
        0x0020:  8002 faf0 0ac4 0000 0204 05b4 0103 0308  ................
        0x0030:  0101 0402                                ....

Many more, very similar...

According to the OP, your modem IP should be different.
Make sure you are trying to access the correct IP address.

1 Like

Uhhh... yes, but I thought we were redirecting/renaming it with the naming of the interface?

Web interface

Assuming that your modem address is 192.168.100.1/24.

Navigate to LuCI → Network → Interfaces → Add new interface… and specify:

    Name: modem
    Protocol: Static address
    Interface: Alias Interface: “@wan”

Then click Create interface.

On the General Settings tab specify:

    IPv4 address: 192.168.100.2
    IPv4 netmask: 255.255.255.0

It used to not work at .1 both .1 and .2 would get me the 1.1 router box not the 100.1 box. I thought it would be available at the .2, so I've been trying that for a while now. IT NOW WORKED, when I just tried it at 100.1. I dont get the website with graphics, I get a bare bones 2 boxes for admin log in. Have to go remember what the default password is.

1 Like

There's no need to redirect since we can simply route. :wink:

1 Like

OK, too late here, I didn't follow you on the last one.

So now, web browser hitting address 192.168.100.1, I get a no graphics text only page with name and password boxes from the modem, (Ive seen the modem's page when directly plugging PC into it, has lots of graphics and formating) but I DONT get anything from the tcpdump listening on your last command. 0 packets captured, even though I got something new on xx100.1

Too tired, going to try again tomorrow. Thanks for hanging in with me.

Edit: fior extra confusion. I get the text based modem login page when the modem Interface is disabled in the router. I had been turning it off inbetween times of working on it, on the principal that if I don't understand what it's doing and its broken, I dont want to leave it running. Turning it back on again, nope, I start gettign the router's main signin page.

Goodnight.

1 Like

If you can open the page, check it using the website inspector in your browser.
Be sure to disable customization extensions like Adblock/uBlock/uMatrix/etc.

1 Like

3 posts were split to a new topic: Can't access DSL modem in bridge mode

OK, back to this one. I had screwed up my original 16.07.6 based router and had to pop in an earler 16.07.4 SD I had handy (sneakernet backup) and was running that. Wierdly, I got the Cable Modem page at 192.168.100.1, for just a short time, accessed a couple of pages with full HTML formatted pages. Then, it broke again, without me changing anything, and I had no access since. I'm guessing most of the "page not formatted" errors and maybe some of the "network" errors might be browser cache issues, though I had flushed (I think) everything at one point.

Moving on... I now have a nearly fresh 19.07.7 disk on the router box, with only some of the config I normally do. Have just done the Wiki based (Luci) instructions, and am not getting to the modem page. Have taken tcpdump of modem 80 address access from earlier in the thread, will get them posted in a bit.

Here's the pastebin. It is the dump of a ping from the PC to the Modem, both before and after the (Luci) instructions, in the Wiki, creating the Modem interface.

Odd thing I noticed, I see the MAC of my PC in the ARP table with two IP addresses. Other thing I might mention, I have a switch between the Router LAN and the PC (as well as my AP, but that's not in this picture) Not a "smart" switch, but could it influence things?

Tried a different way to test things, since I seem to be suffering from Firefox adamantly trying to make the modem address https, which I'm not sure is an issue or not, and Chrome fervently trying to search Google for my URL if it doesn't come up directly. I'm trying to figure out a way to determine if this is the actual problem.

Have used the Windows Power Shell to use a test called "Test-NetConnection" which is some kind of scanning gizmo.

PS C:\Users\Jon> Test-NetConnection 192.168.100.1 -p 80


ComputerName     : 192.168.100.1
RemoteAddress    : 192.168.100.1
RemotePort       : 80
InterfaceAlias   : Wi-Fi
SourceAddress    : 192.168.1.118
TcpTestSucceeded : True

This seems to imply that I can reach port 80 on the modem's address.

The annoying thing is that that test is successful both WITH and WITHOUT, the modem interface existing.
I can also do a ping successfully to that address now, even after I delete the modem interface. Since I'm remembering a time when I couldn't ping the modem, I'm wondering if the Luci interface isn't removing the device when it says it's deleted.

I also am getting Chrome at least (I think) to be sending the IP with http://, with no success, so I might next try the command line version, vs Luci, and see if I get different results.

Do you have spectrum? They've been disabling the web interface on their modems for a while now. If you're renting a modem from them it's entirely possible that that's what's happening here. I connected to the serial console one time a long time ago and in the boot log it showed a iptables rule that I think drops traffic on port 80 and 443 unless it has a mark of 0x80 (I'll try to get the commands later).

No, I have Cox...

I had heard that some providers were doing this, but don't know if Cox does. It is one of theirs, not rented, but a CM8200 "given" to me for free. Of course, yours or theirs, it would seem they have the ability to flash whatever they want on it.

Also, I have had one, short time where I was getting the web interface page, and was able to get a couple of pages printed off it, before it mysteriously stopped being accessible again. Literally, I had access, and a few hours later I didn't and haven't seen it since. Also, back when I first was given the new 3.1 modem, I pulled the ethernet off my router and plugged directly to the PC, and was able to access it directly. Testing that is problematic, in that it brings the house down, of course, so far I haven't tried that since.

So, unless I'm extremely unlucky and Cox has been rolling locked, unlocked, and back to locked firmware versions, right when I'm trying to figure this out, it's probably something else. I do remember a few years back seeing my firmware on my owned modem get changed up and down FW versions in a matter of a few days, for no apparent reasons. Will check some Cox related forums for lockout actions.