I have an Asus RT-N66U router connected to a Rogers Hitron CGN3 Gateway. The Gateway is in Bridge mode so it is only functioning as a cable modem. My Asus router has an IP of 192.168.1.1.
I can access the web UI of the cable modem at 192.168.100.1 if I plug a PC directly into the cable modem and give it a static IP on the same subnet. But I would like to be able to get access to the modem's web UI without having to move cables and change IP settings. Why? This gateway has had very serious problems and it would be nice to be able to tell if the firmware has been changed.
I have found threads here on SNB and elsewhere using postrouting and masquerade that seem to allow you to access the modem but I don't totally understand what is going on. I believe that you are creating a virtual NIC and giving it an IP on the same subnet as the router and using postrouting to be able to access the modem even though it is on the WAN rather than your LAN. Is that correct?
Given that the modem's IP is 192.168.100.1 will these commands enable me to access the modem from my LAN?
If those are correct then where do I enter the commands - in a telnet/ssh session on my router (I am running stock firmware)?
What are the security implications of this? Does this make it easier for someone to get access to my router? Or is the 192.168.100.1 address not accessible from the internet?
And am I correct in assuming that with the stock firmware that a reboot of the modem will mean that I have to re-enter these two commands?
Thanks.
I can access the web UI of the cable modem at 192.168.100.1 if I plug a PC directly into the cable modem and give it a static IP on the same subnet. But I would like to be able to get access to the modem's web UI without having to move cables and change IP settings. Why? This gateway has had very serious problems and it would be nice to be able to tell if the firmware has been changed.
I have found threads here on SNB and elsewhere using postrouting and masquerade that seem to allow you to access the modem but I don't totally understand what is going on. I believe that you are creating a virtual NIC and giving it an IP on the same subnet as the router and using postrouting to be able to access the modem even though it is on the WAN rather than your LAN. Is that correct?
Given that the modem's IP is 192.168.100.1 will these commands enable me to access the modem from my LAN?
Code:
ifconfig `nvram get wan_ifname`:0 192.168.100.2 netmask 255.255.255.0
iptables -t nat -I POSTROUTING -o `nvram get wan_ifname` -j MASQUERADE
What are the security implications of this? Does this make it easier for someone to get access to my router? Or is the 192.168.100.1 address not accessible from the internet?
And am I correct in assuming that with the stock firmware that a reboot of the modem will mean that I have to re-enter these two commands?
Thanks.