Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Netgate SG-1100 set up best practice with home gateway for IP Phone?

    Scheduled Pinned Locked Moved
    Official Netgate® Hardware
    2
    4
    753
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      ChapInTokyo
      last edited by ChapInTokyo

      Hi, my first time on this forum. I would like to use my Netgate SG-1100 as the router/firewall/DHCP server/VPN server in my network, while keeping my phone company's Home Gateway device for its IP Phone functions.

      I have made it work by connecting the devices like this:

      Phone line -- VDSL terminal device -(WAN DHCP)HOME GATEWAY with PPPoE BRIDGE turned on(LAN 192.168.1.1)-- (WAN DHCP)SG-1100(LAN 192.168.10.1/DHCP server range 192.168.10.0 255.255.255.0) -- Ethernet Switch connected to Wi-Fi router on bridge mode, printer, smart TV, PCs etc.

      After doing a factory reset on the Home Gateway so that it would no longer have the connection information for my provider, and turning its PPPoE bridge mode "on", and its DHCP server and UPnP settings to "off" and its LAN port to "192.168.1.1", and setting up SG-1100's WAN to DHCP, everything including the IP Phone connected to the Home Gatway seems to work just fine.

      Could you please let me know whether there are any potential issues with my setup as above? It is the first time I have had to use both a firewall/router/VPN device like the Netgate with my broadband provider's Home Gateway and am still feeling my way. Thanks for your help!

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        A double NAT setup like will work fine for most situations. It makes setting up port forwards more difficult. It breaks UPnP forwarding if you need that.

        When enabling the PPPoE bridge mode in the gateway device I would expect pfSense to have to run the PPPoE session. It would then get the public IP directly on the pfSense WAN so would only be a single NAT.
        However in that setup the IP phone may not work because that requires the gateway device to have a public IP.

        Steve

        C 1 Reply Last reply Reply Quote 0
        • C
          ChapInTokyo @stephenw10
          last edited by ChapInTokyo

          @stephenw10 Thanks Steve! In the setup that I'm currently using, the Netgate SG-1100 is running the PPPoE session with my ISP and it's WAN port has been assigned a dynamic global address automatically by the ISP's DHCP server.

          I might be lucky because the Home Gateway (which is connected between my VDSL adapter and my SG-1100) seems to have no trouble connecting with the phone company's IP Phone server automatically even though the WAN address has been assigned to the SG-1100 rather than to the Home Gateway (fyi the Home Gateway is a box called the RX-600KI from NTT East Japan). I am imagining that the IP Phone might be working on a WAN address assigned by the phone company's server rather than the WAN address assigned by my ISP but this is just a wild guess.

          In any case, since everything so far is working ok I guess my next step is to see whether OpenVPN will work with the SG-1100 behind the Home Gateway in PPPoE bridge mode! (I'm currently setting up the PfBlockerNG and the FreeRADIUS parts...). Thanks again for your reassuring words!

          Chap in Tokyo

          1 Reply Last reply Reply Quote 0
          • stephenw10S
            stephenw10 Netgate Administrator
            last edited by

            Ah, nice. That's a good result then. Yes they must be using some thing out of band for the IP phone, which is good. 👍

            1 Reply Last reply Reply Quote 0
            • First post
              Last post