Community discussions

MikroTik App
 
michaelcarey
newbie
Topic Author
Posts: 41
Joined: Thu May 11, 2006 8:03 am
Location: Port Lincoln, South Australia

Best way to access ADSL modem web config

Sat Feb 21, 2015 10:02 am

Hi Everybody,

I'm after some suggestions on the best way to configure RouterOS/Routerboard so I can access an ADSL modem web config from inside my network.

My main router is an RB2011UAS, my ADSL modem is a TP Link TD-8840 in bridge mode. Ether1 is the main internal interface, it is connected directly to a Routerboard CRS125-24G-1S where the rest of my network is connected.

Ether6 (2nd switch) on the RB2011 is connected to the ADSL modem and I have the PPPoE client pointed at Ether6.

What I would like to do is be able to access the ADSL modem config so I can keep an eye on the physical line stats. What would be the best way to do this?

I think I am right in understanding that because the TP Link modem is in bridge mode and is not actually hosting the PPPoE session, that there is no security issue with using a plain old bridge interface between Ether1 and Ether6... I'm sure there is another more elegant solution.

Regards,

Michael.
 
User avatar
ShayanFiroozi
Member Candidate
Member Candidate
Posts: 281
Joined: Sat Jun 01, 2013 12:44 pm
Location: Bandar Abbas , Iran

Re: Best way to access ADSL modem web config

Sat Feb 21, 2015 10:51 am

Hello
If your ADSL model is in bridged mode with your Mikrotik Device use Bridge/Firewall or if it's routed use IP/Firewall to keep on your traffics.
 
troffasky
Member
Member
Posts: 431
Joined: Wed Mar 26, 2014 4:37 pm

Re: Best way to access ADSL modem web config

Sat Feb 21, 2015 1:26 pm

Does the TP-Link respond on its IP address whilst the PPPoE session is active? If so, it should just be a matter of adding an IP address in that network on ether6 on the RB2011 and away you go...
 
michaelcarey
newbie
Topic Author
Posts: 41
Joined: Thu May 11, 2006 8:03 am
Location: Port Lincoln, South Australia

Re: Best way to access ADSL modem web config

Sun Mar 01, 2015 4:31 am

Does the TP-Link respond on its IP address whilst the PPPoE session is active? If so, it should just be a matter of adding an IP address in that network on ether6 on the RB2011 and away you go...
Thanks for the reply troffasky. Yes, the TP-Link ADSL modem does respond on it's IP address (default is 192.168.1.1) when the PPPoE session is active.

I have added the IP address 192.168.1.3 to ether6 on the Mikrotik. I can ping the TP-Link (192.168.1.1) from the ping tool within WinBox.

One a computer within my network (192.168.0.0/24) I can ping the new IP address (192.168.1.3) on ether6, but I cannot access the TP-Link modem on 192.168.1.1. The appropriate dynamic default route was created when I added the IP address.

3 ADC 192.168.1.0/24 192.168.1.3 ether6-gateway 0

There are no firewall rules that would prohibit these two networks from "talking" to each other... what am I missing?

Regards,

Michael.
 
zafeirop
just joined
Posts: 1
Joined: Sun Mar 01, 2015 7:51 am

Re: Best way to access ADSL modem web config

Sun Mar 01, 2015 7:59 am

I am using the same setup with yours.
Please be sure that your ADSL router/modem allows web access from "Remote locations".

Some vendors prohibit access to config iface if source address does not belong to direct connected interface
 
cdemers
Member Candidate
Member Candidate
Posts: 224
Joined: Sun Feb 26, 2006 3:32 pm
Location: Canada
Contact:

Sun Mar 01, 2015 7:57 pm

I have the same setup, but I also added a nat rule for the traffic. As the modems default doesn't have a default gateway.

Sent from my Nexus 7 using Tapatalk
 
michaelcarey
newbie
Topic Author
Posts: 41
Joined: Thu May 11, 2006 8:03 am
Location: Port Lincoln, South Australia

Re: Best way to access ADSL modem web config

Mon Mar 02, 2015 10:13 pm

Thanks to all who offered input to this question... and thanks to cdemers, adding a Source NAT/Masquerade rule was the solution I was looking for.

This in effect treats the ADSL modem IP address/network as another "internet", NAT translates my private home IP addresses into the 192.168.1.0/24 network, and provides a neat way for IP traffic from the ADSL modem web interface to get back into the private network. This also means that if someone (not sure how but....) was able to get access to my ADSL modem from the "outside", bypassing the pppoe session... there is no way to get into my private network as it's protected by NAT... in the same way source NAT works with the pppoe interface.

add action=masquerade chain=srcnat comment="Source NAT to ADSL modem web config" dst-address=192.168.1.0/24 out-interface=ether6-gateway

Any traffic destined for 192.168.1.0/24 is sent to the ether6 interface with the source IP masqueraded as that interfaces IP address... 192.168.1.3

Regards,

Michael.

Who is online

Users browsing this forum: Ahrefs [Bot], f008600 and 54 guests