PPPoE with vlan
-
@stephenw10 so a cable to a computer with wire shark and see the trafik for any PPPoE trafik
-
No you can run the capture on pfSense. And in fact you would have to because em0 has to carry the PPPoE traffic to the modem.
-
@stephenw10 what settings do i use for it? Other than wan https://imgur.io/a/64TIFTF
-
The interface probably isn't going to be WAN since that would be the PPPoE link. It should be whatever you assigned em0 to.
I would also enable promiscuous mode and set the packet count to 1000. -
@stephenw10 are you available for call it would be much easier than this, i don't really understand what you want to pcap
-
I made a pcap of the wan (right now wan is just the cable plugged in to the modem) with the settings https://imgur.com/a/67dMLkJ
-
I can't do that, we have paid support for that
https://www.netgate.com/supportHow do you have the interfaces configured currently? In Interfaces > Assignments?
-
@stephenw10 oh okay, wan is just set to em0
-
Ok, you need to have WAN assigned to the PPPoE link on em0.101 as the ISP requires.
Then have em0 assigned as a different interface so you can capture on it from pfSense directly and check the tagging on the PPPoE traffic.
-
@stephenw10 so i pcap opt witch is em0 and have wan on PPPoE over vlan 101?
-
Yes, exactly.
You should then see the PPPoE packets with the VLAN 101 tags.
And you will also see any incoming traffic from the ISP and how that might be tagged.
-
@stephenw10 just did the pcap this is the data all the others are ARP https://imgur.com/a/OpboblW
-
Is there any tagging on that ARP traffic? I assume that's coming from the modem?
Do you know what the sagecom device is?
Can you successfully get a PPPoE link there using something else? Link a Windows host directly for example?
Are you sure this is actually PPPoE even? That ARP traffic is not what I'd expect to see there.
-
@stephenw10 sagecom is the company that owns the modem/old router. Would it be easier if you got the pcap file? How else could i get am PPPoE connection (with what device)
-
Sure upload it here: https://nc.netgate.com/nextcloud/s/j9bwDZZMtLPFoEi
What's the Huawei device shown in the pcap? Is that public IP it is ARPing from your gateway IP?
-
@stephenw10 I don't have any Huawei devices, so not sure but the file is uploaded
-
Great I have that.
In your screenshot though you can see the Huawei device ARPing for public IPs. Is that your gateway?That traffic is arriving at em0 untagged. I presume it's coming from the ISP gateway.
-
Actually looking at your IP here it clearly is your ISP.
I don't expect to see that on a PPPoE connection. It implies that the modem you have might not be bridging the PPPoE like you think it is.
Have you tried just setting the pfSense WAN to DHCP? Or in fact just setting the em0 interface to DHCP, hat you have assigned as the OPT interface. -
@stephenw10 Was looking at the ip's where they are from, it's from the company that host most of the internet in Denmark i think (TDC) my ip is 94.147.46.16 I could try to set opt1 as DHCP when i get a chance at it
-
Exactly. Which means that traffic is somehow being sent to your modem and then passed to pfSense. And if it really is PPPoE only that implies the modem is still doing the PPPoE connection nand the VLAN tagging.
So I would try setting the em0 assigned interface to DHCP and see if it pulls an address.
Or if it's all static IPs just set your IP and gateway on that NIC.
And/or try to check what the modem is actually doing.
