Cannot connect to main ISP router after installation of Firewalla
After I installed Firewalla I no longer have access to my ISP's router on 192.168.0.1
I guess Firewalla redirects the traffic via ARP table modifications so it is able to capture
and manage all traffic. But how can I now connect to my ISP's router to manage it?
-
Guido,
Quick questions
1. other than not able to connect to your ISP router, is other operations normal on Firewalla?
2. Have you tried to reboot the ISP router? (what is the router model?)
Firewalla don't really spoof the ISP router, it is left alone. (Well, we used to, half year back and we turn that capability off)
-
Hi!,1. Firewalla is working ok, as far as I can determine.2. The Internet modem is from Ziggo (ISP) and the type is the Connectbox from Compal CH7465LG. https://www.ziggo.nl/klantenservice/wifi/modem/connect-box/I have rebooted the router multiple times without any solution.3. When I run “arp -a” I see that the mac address of the Firewalla is connected to the ip-address of the main router!When I delete the Arp entry, I can access the router again! But then firewalla is no longer working... (no blocking and no data transfer...)??? Apparently the spoofing is not yet off?
-
(3) when u run arp -a on any machine other than firewalla, and your router, you should see the IP address of the router mapped to MAC of firewalla. This is the spoofing part (1).
Let me open a case and you need to help us a bit and give us support access. This is the first time we seen that router.
-
The mac addresses of the Router and of firewalla are:
When I run arp -a from the macbook I see that on the first line firewalla has taken the ip address.
Now, when I reboot the macbook I suddenly CAN access the ISP router again, even though the
ARP table has the incorrect combination. I don't understand this. I could not access the ISP router
for several days until now! But now I have restarted both the router and the macbook, the first
try of http://192.168.0.1 failed, but the second try I worked!!!But ARP -a still shows the above screen! I don't understand this. Why is it working sometimes
and sometimes it isn't?Guido
-
Guido, I've deleted the screen shot since it has full mac addresses. The observation is correct. What happen with spoofing is this
1. Firewalla tells the macbook, hey I am the router, here is my MAC address. Then on your macbook you will see 192.168.0.1 mapped to MAC of firewalla
2. When macbook send packets, it will send to MAC address of firewalla.
3. Firewalla will receive the packet and then forward it to the real router by rewrite the MAC to the MAC of the router.
This is the 'spoof' at work. Firewalla in this case is an routing element.
More here
Please sign in to leave a comment.
Comments
5 comments