On 14Apr2019 18:41, Bob Goodwin <bobgoodwin@xxxxxxxxxxx> wrote:
On 04/14/19 17:38, Samuel Sieb wrote:
If you can't disable the wifi on the modem, then you can just ignore
it. Connect the WAN port on your router to the ethernet port on the
modem. You end up with double NAT, but it should still work.
.
Yeah, I think it's a poor design for the application, I found no way
to shut it off. We have been connecting to the WAN on my router. All
they have is what appears to be two identical Ethernet portss on the
modem-router, both seem to work for conncting my Ethernet LAN. However
I have not been able to pass that data through my router to the LAN or
the wifi signal. Their wifi signal is what the iPhone and iPads are
using now ... I may be doing something wrong in the security
configuration?
We do what you're wanting. Ignoring, for now, turning off the wifi on
their router, we run our own firewall inside the ISP router(s). If
nothing else it gives us complete control, and makes us ISP tech
agnostic.
Our setup also has two distinct DHCP arrangements, because we've got two
ISPs.
Our setup is like this:
sat-modem <-> FW <-> 4G-modem
^
|
V
LAN
Hoping you're using a fixed width font here :-) All though arrows are
ethernet cables.
Our firewall runs OpenBSD (I will use PF instead of iptables any day),
but anything good will do.
On the satellite side the firewall runs DHCP - it always gets the same
address but the DHCP is part of the link setup at the far end - it has
to happen or their switching doesn't start routing stuff. And on the
satellite side we run NAT on our ourbound traffic - the ISP gives us a
private address and our own LAN addresses are of course meaningless to
them. Of course, since the ISP gives us a private address they also run
NAT at their end. It all works fine.
On the 4G side the firewall runs a static address to the 4G modem, which
is your conventional local-ethetnet+wifi device - we run that as a
distinct subnet. Because the 4G modem itself does NAT, we don't bother
NATing on the 4G FW interface - it is a plain static route direct from
the interface setup. We don't need to NAT on the FW because we own the
4g modem interior net.
We run our own wifi network inside attached to the "LAN" above; the FW
provides the DHCP; we just use an Airport in bridge mode.
Cheers,
Cameron Simpson <cs@xxxxxxxxxx>
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
