I recently upgraded my entire home network setup. This involved replacing my Asus DSL-AC68U modem/router with a pfsense box and a Draytek Vigor 130 modem.
Without going into too much detail, my home LAN is on
192.168.0.0/24 and my pfsense box has an ip address of
192.168.0.254 but my Draytek modem has an ip address of
I wanted to retain the ability to access the Draytek webui to upgrade firmware and check sync speeds and such like.
It's pretty straightforward to do, but I didn't find it that intuitive initially.
Setup a new interface
Interfaces=>(assign) and add a new interface using the same physical interface that your WAN connection uses. Like in the picture below.
Then click on it to configure it.
Give it a static IP on the same subnet as your modem, for me that subnet is
192.168.2.0/24 so I chose an IP address of
192.168.2.254 but it can be anything you want as long as it is different to your modem's IP address.
Setup NAT rule
Now we're going to setup a rule directing LAN traffic to be able to access the modem webui. Go to Firewall=>NAT=>Outbound and create a new rule above all the others and configure it like so. Source should be the Network your LAN is on, mine is
192.168.0.0/24 and destination should be the subnet your modem is on, mine is
Here's a picture of my outbound NAT rules.
Test it all works