Netgate Behind Spectrum Router

I have had a static IP from Spectrum for years that was assign to my Netgate firewall and that was plugged into the Cable Modem from them. I recently got an upgrade modem from them, but this time it came with a router from Spectrum and I got told that my Negate can’t have the IP it has to be there router. So my netgate is plugged into the Spectrum Router on the 192.168.10.0/24 subnet. But the issue I am having is I can’t reach the OpenVPN that is running on the Netgate and I can reach the security cameras that are behind the Netgate on the 192.168.100.0/24 network. On the Spectrum Router I have set the Netgate as a DMZ host and still no luck. I also disable the RFC 1918 block rule on the wan interface of the Netgate and no luck.

I am hoping someone out their can see what I am missing. Appreciate any ideas.

You need to see if there is an option in the Spectrum router that allows “Bridge Mode” in order to get a public IP on the pfsense firewall. If not you will need to manually forward ports in the Spectrum router to the pfsense.

Just figured out the problem this morning and I am kicking my self for not doing it last night. The Spectrum Tech got the IP wrong by one digit, so once I got the correct IP everything started working again.

Glad it works, but I’m still curious: Do you have a modem and a separate router now or is it a single device that combines both functions? Because if you still have the separate modem, you might just be able to connect the pfSense WAN directly to the modem regardless of what your ISP told you. Residential ISPs like to say things like “you have to use our equipment, otherwise it won’t work” and oftentimes that’s an outright lie. They just want to reduce the amount of support they have to provide.

I deal with Charter and Comcast a lot. I also use Netgate exclusively. The only thing you need is the public IP , Subnet and gateway. I do hate there 2 and 3 part solution but they are trying to get in the game of MSP. I don’t use there DNS as I have had them fail and the information they collect. And there are better DNS servers out there! Mine is all on the commercial side but I do know the residential side is the same. Just my 2c.

It is now a modem and a router, two separate pieces of equipment. I did try plunging the Netgate directly into the modem with my IP being static on the Netgate with no luck. One of the things that did change after I called Spectrum was I foundout that I could keep my static on the Netgate WAN and drop the 192.168.10.1 DHCP address and avoid a double NAT, that was something the onsite tech told me I had to do. But I do need to use the router because they have that setup as my gateway for the static IP.

So essentially everything is running like it was before, except I now have another device that has to be plugged in and running