How do I discover ISP's PPPoE credentials and connection settings?
-
I'm having a problem with a certain ISP.
I'm trying to replace the ISP modem with a pfSense box. If it were another ISP, things would be very simple; I'd configure the VLAN and MACs and then provide the PPPoE credentials and I'd be done. (I once personally went to the biggest ISP's local HQ and talked to the engineer in charge, who told me they didn't like the said setup but they didn't mind as long as it worked for the customer.)
But this particular ISP maintains that they are not obliged to give the customer any details concerning the service they provide and that he is obliged to use the modem/router he is provided. It is not possible to configure their device and they won't give him his PPPoE credentials. They even refuse to put the modem/router in bridge mode! They say we can, of course, put our own router behind theirs and be done with it, and you know why I don't want to do that.
This is how they provide their service:
Though I've heard at some sites, it's like this:
So my thinking is:
When the modem/router is reset, it loses all information stored on it. But when it is back online, it connects to the ISP in a matter of seconds. Since the ISP cannot embed the connection information into each and every device before they ship it, it has to be obtaining its configuration data from the ISP, and all the information necessary must be contained in ethernet frames.My question is:
How can I pull out this information using pfSense? (i.e. MAC addresses and PPPoE credentials) -
@scilek said in How do I discover ISP's PPPoE credentials and connection settings?:
So my thinking is:
When the modem/router is reset, it loses all information stored on it. But when it is back online, it connects to the ISP in a matter of seconds. Since the ISP cannot embed the connection information into each and every device before they ship it, it has to be obtaining its configuration data from the ISP, and all the information necessary must be contained in ethernet frames.I don't think that is how it works...
PPPoE includes username and password which can not be automatically read from the connection, in plain text. That would defeat the purpose.
- each device is actually set up with credentials. Either batch loading before delivery, but more likely it's done via remote management (automatically). Meaning the device is set up to call into a server, and identifies itself as the device in question (MAC, Serial etc?) and then receives the credentials.
- it is not necessarily lost at reboot, it is stored in non volatile memory.
I'm not sure but it might be possible to set up your own device to behave like the modem and get the settings automatically. Assuming you can figure out how the ISP has set things up, since it needs to be identified and accepted as a if it is the ISP modem basically.
-
@Gblenn said in How do I discover ISP's PPPoE credentials and connection settings?:
it is not necessarily lost at reboot, it is stored in non volatile memory.
I was referring to hard reset, not a reboot.
@Gblenn said in How do I discover ISP's PPPoE credentials and connection settings?:
I'm not sure but it might be possible to set up your own device to behave like the modem and get the settings automatically.
The ISP device must be initiate a conversation with their system, right?
-
@scilek said in How do I discover ISP's PPPoE credentials and connection settings?:
The ISP device must be initiate a conversation with their system, right?
Yes, it needs to know the destination, and the "credentials" in order to identifiy itself to the ISP server. It is most likely secured in a way that you can not simply copy the process. Even if MAC and Serial can be cloned, there may be a certificate embedded in their devices.
-
@Gblenn
Some guy managed to retrieve the PPPoE credentials using an off-the-shelf router. (I do not want to mention from what vendor.) As it happens, there is no VLAN. I was able to connect without even cloning the MAC. I guess they put too much trust in their setup.We should be able to do the same on pfSense too.
-
I assume you have no access to the ISP device config interface? What device is that exactly?
You can put a switch that supports port mirroring upstream of it and capture the PPPoE connection. The ISP doesn't have to use encryption for the credentials, but they probably do.
The ISP doesn't actually have to use individual credentials at all. BT in the UK for example use the same login for all devices. They know who you are by what line you're connecting on.
You could probably also bridge some ports in pfSense and use that instead of the switch mirror port to pcap on.
-
@stephenw10 said in How do I discover ISP's PPPoE credentials and connection settings?:
I assume you have no access to the ISP device config interface? What device is that exactly?
The site is in another city, but I guess it's a ZTE. It allows access on the LAN, but you cannot configure WAN, or view configuration.
@stephenw10 said in How do I discover ISP's PPPoE credentials and connection settings?:
The ISP doesn't actually have to use individual credentials at all. BT in the UK for example use the same login for all devices. They know who you are by what line you're connecting on.
This one does use credentials. But they probably know who you are by the line.
@stephenw10 said in How do I discover ISP's PPPoE credentials and connection settings?:
You could probably also bridge some ports in pfSense and use that instead of the switch mirror port to pcap on.
That was my thinking exactly. I'll try that the next time. I cannot call and ask them to undo what they've just done.
