Cannot Get Bridged Modem to work with WAN PPPoE- what am I doing Wrong?
-
Hi chpalmer
Well i am having problems getting port forwarding to work. refer:
http://forum.pfsense.org/index.php/topic,54463.msg291429.html#msg291429I had it set up like you suggested (refer pic attached of network setup)- Modem connecting to ISP with PPPoE stored it it, and WAN of pfsense connecting to Modem through DCHP - works fine - but port forwarding doesnt.
Any ideas?
Cheers.![network diagram - pbx items only shown.jpg](/public/imported_attachments/1/network diagram - pbx items only shown.jpg)
![network diagram - pbx items only shown.jpg_thumb](/public/imported_attachments/1/network diagram - pbx items only shown.jpg_thumb) -
I had it set up like you suggested (refer pic attached of network setup)- Modem connecting to ISP with PPPoE stored it it, and WAN of pfsense connecting to Modem through DCHP - works fine - but port forwarding doesnt.
Then your modem is probably acting as a router and you will probably need to specify port forwards in the modem/router as well as in pfSense.
What is in the pfSense PPP log?
-
Hi Wallabybob
-I forwarded the ports on the Modem to the WAN port of the PFSENSE BOX, then forwarded them in PFSENSE to my desired pc (3CX Pbx - my other post details including screenshots). And it did not work.
-when can i check this ppp log you talk of and how do i open it?
ta
-
My thought is that the modem may be able to do the pppoe while passing on the public address to your pfsense wan. But looks like your ISP may have their own firmware in the modem??
Set your modem back up as a bridge and your pfsense box to do the pppoe and then share your ppp logs here as wallabybob asked.
-
-
Two or three years ago I attempted to get pfSense PPPoE working with two different ADSL modem/routers set in bridge mode. Unfortunately I was unable to do so in "reasonable" time so figured I might be better off buying a $25 ADSL modem and that proved to be the case in that I got it working in very quick time. A major problem in getting the modem/routers working was the very limited troubleshooting capabilities available, in particular no packet capture and no counters. Even though packet capture on pfSense was showing outgoing PPP packets there didn't seem to be any way to gather any evidence the modem/routers were seeing the PPP packets. But that was while ago and my recollections might not be entirely accurate. I have felt no need to revisit the issue.
-
here is the log
Wallabybob- what modem make/ model did you get - that you can confirm works?
[system log PPP.txt](/public/imported_attachments/1/system log PPP.txt)
-
here is the log
Wallabybob- what modem make/ model did you get - that you can confirm works?
Chech out the Zoom 5715. I think Zytel makes one also.
-
Wallabybob- what modem make/ model did you get - that you can confirm works?
Tenda D820B.
-
here is the log
For comparison, here is an extract from my PPP log when it restarted after I powered cycled the modem.
Oct 7 21:40:27 pfsense ppp: [wan_link0] Link: reconnection attempt 27 in 4 seconds
Oct 7 21:40:31 pfsense ppp: [wan_link0] Link: reconnection attempt 27
Oct 7 21:40:31 pfsense ppp: [wan_link0] PPPoE: Connecting to ''
Oct 7 21:40:34 pfsense ppp: PPPoE: rec'd ACNAME "pe5.dc1-vars"
Oct 7 21:40:40 pfsense ppp: [wan_link0] PPPoE connection timeout after 9 seconds
Oct 7 21:40:40 pfsense ppp: [wan_link0] Link: DOWN event
Oct 7 21:40:40 pfsense ppp: [wan_link0] LCP: Down event
Oct 7 21:40:40 pfsense ppp: [wan_link0] Link: reconnection attempt 28 in 4 seconds
Oct 7 21:40:44 pfsense ppp: [wan_link0] Link: reconnection attempt 28
Oct 7 21:40:44 pfsense ppp: [wan_link0] PPPoE: Connecting to ''
Oct 7 21:40:53 pfsense ppp: [wan_link0] PPPoE connection timeout after 9 seconds
Oct 7 21:40:53 pfsense ppp: [wan_link0] Link: DOWN event
Oct 7 21:40:53 pfsense ppp: [wan_link0] LCP: Down event
Oct 7 21:40:53 pfsense ppp: [wan_link0] Link: reconnection attempt 29 in 4 seconds
Oct 7 21:40:57 pfsense ppp: [wan_link0] Link: reconnection attempt 29
Oct 7 21:40:57 pfsense ppp: [wan_link0] PPPoE: Connecting to ''
Oct 7 21:41:06 pfsense ppp: [wan_link0] PPPoE connection timeout after 9 seconds
Oct 7 21:41:06 pfsense ppp: [wan_link0] Link: DOWN event
Oct 7 21:41:06 pfsense ppp: [wan_link0] LCP: Down event
Oct 7 21:41:06 pfsense ppp: [wan_link0] Link: reconnection attempt 30 in 2 seconds
Oct 7 21:41:08 pfsense ppp: [wan_link0] Link: reconnection attempt 30
Oct 7 21:41:08 pfsense ppp: [wan_link0] PPPoE: Connecting to ''
Oct 7 21:41:08 pfsense ppp: PPPoE: rec'd ACNAME "pe5.dc1-vars"
Oct 7 21:41:08 pfsense ppp: [wan_link0] rec'd proto LCP while dead
Oct 7 21:41:08 pfsense ppp: [wan_link0] PPPoE: connection successful
Oct 7 21:41:08 pfsense ppp: [wan_link0] Link: UP event
Oct 7 21:41:08 pfsense ppp: [wan_link0] LCP: Up event
Oct 7 21:41:08 pfsense ppp: [wan_link0] LCP: state change Starting –> Req-Sent
Oct 7 21:41:08 pfsense ppp: [wan_link0] LCP: SendConfigReq #3
Oct 7 21:41:08 pfsense ppp: [wan_link0] PROTOCOMP
Oct 7 21:41:08 pfsense ppp: [wan_link0] MRU 1492
Oct 7 21:41:08 pfsense ppp: [wan_link0] MAGICNUM 31abc0a9
Oct 7 21:41:08 pfsense ppp: [wan_link0] LCP: rec'd Configure Ack #3 (Req-Sent)
Oct 7 21:41:08 pfsense ppp: [wan_link0] PROTOCOMP
Oct 7 21:41:08 pfsense ppp: [wan_link0] MRU 1492
Oct 7 21:41:08 pfsense ppp: [wan_link0] MAGICNUM 31abc0a9
Oct 7 21:41:08 pfsense ppp: [wan_link0] LCP: state change Req-Sent –> Ack-Rcvd
Oct 7 21:41:10 pfsense ppp: [wan_link0] LCP: rec'd Configure Request #2 (Ack-Rcvd)
Oct 7 21:41:10 pfsense ppp: [wan_link0] MRU 1492
Oct 7 21:41:10 pfsense ppp: [wan_link0] AUTHPROTO PAP
Oct 7 21:41:10 pfsense ppp: [wan_link0] MAGICNUM 4c71f0f4
Oct 7 21:41:10 pfsense ppp: [wan_link0] MP MRRU 1524
Oct 7 21:41:10 pfsense ppp: [wan_link0] ENDPOINTDISC [LOCAL] 70 65 35 2e 64 63 31 2d 76 61 72 73
Oct 7 21:41:10 pfsense ppp: [wan_link0] LCP: SendConfigRej #2
Oct 7 21:41:10 pfsense ppp: [wan_link0] MP MRRU 1524
Oct 7 21:41:10 pfsense ppp: [wan_link0] LCP: state change Ack-Rcvd –> Req-Sent
Oct 7 21:41:10 pfsense ppp: [wan_link0] LCP: SendConfigReq #4
Oct 7 21:41:10 pfsense ppp: [wan_link0] PROTOCOMP
Oct 7 21:41:10 pfsense ppp: [wan_link0] MRU 1492
Oct 7 21:41:10 pfsense ppp: [wan_link0] MAGICNUM 31abc0a9
Oct 7 21:41:10 pfsense ppp: [wan_link0] LCP: rec'd Configure Request #3 (Req-Sent)
Oct 7 21:41:10 pfsense ppp: [wan_link0] MRU 1492
Oct 7 21:41:10 pfsense ppp: [wan_link0] AUTHPROTO PAP
Oct 7 21:41:10 pfsense ppp: [wan_link0] MAGICNUM 4c71f0f4
Oct 7 21:41:10 pfsense ppp: [wan_link0] ENDPOINTDISC [LOCAL] 70 65 35 2e 64 63 31 2d 76 61 72 73
Oct 7 21:41:10 pfsense ppp: [wan_link0] LCP: SendConfigAck #3
Oct 7 21:41:10 pfsense ppp: [wan_link0] MRU 1492
Oct 7 21:41:10 pfsense ppp: [wan_link0] AUTHPROTO PAP
Oct 7 21:41:10 pfsense ppp: [wan_link0] MAGICNUM 4c71f0f4
Oct 7 21:41:10 pfsense ppp: [wan_link0] ENDPOINTDISC [LOCAL] 70 65 35 2e 64 63 31 2d 76 61 72 73
Oct 7 21:41:10 pfsense ppp: [wan_link0] LCP: state change Req-Sent –> Ack-Sent
Oct 7 21:41:10 pfsense ppp: [wan_link0] LCP: rec'd Configure Ack #4 (Ack-Sent)
Oct 7 21:41:10 pfsense ppp: [wan_link0] PROTOCOMP
Oct 7 21:41:10 pfsense ppp: [wan_link0] MRU 1492
Oct 7 21:41:10 pfsense ppp: [wan_link0] MAGICNUM 31abc0a9
Oct 7 21:41:10 pfsense ppp: [wan_link0] LCP: state change Ack-Sent –> Opened
Oct 7 21:41:10 pfsense ppp: [wan_link0] LCP: auth: peer wants PAP, I want nothing
Oct 7 21:41:10 pfsense ppp: [wan_link0] PAP: using authname "xxx@dsl.onthenet.net"
Oct 7 21:41:10 pfsense ppp: [wan_link0] PAP: sending REQUEST #1 len: 39
Oct 7 21:41:10 pfsense ppp: [wan_link0] LCP: LayerUp
Oct 7 21:41:10 pfsense ppp: [wan_link0] PAP: rec'd ACK #1 len: 5
Oct 7 21:41:10 pfsense ppp: [wan_link0] LCP: authorization successful
Oct 7 21:41:10 pfsense ppp: [wan_link0] Link: Matched action 'bundle "wan" ""'
Oct 7 21:41:10 pfsense ppp: [wan_link0] Link: Join bundle "wan"
Oct 7 21:41:10 pfsense ppp: [wan] Bundle: Status update: up 1 link, total bandwidth 64000 bps
Oct 7 21:41:10 pfsense ppp: [wan] IPCP: Open event
Oct 7 21:41:10 pfsense ppp: [wan] IPCP: state change Initial –> Starting
Oct 7 21:41:10 pfsense ppp: [wan] IPCP: LayerStart
Oct 7 21:41:10 pfsense ppp: [wan] IPCP: Up event
Oct 7 21:41:10 pfsense ppp: [wan] IPCP: state change Starting –> Req-Sent
Oct 7 21:41:10 pfsense ppp: [wan] IPCP: SendConfigReq #5
Oct 7 21:41:10 pfsense ppp: [wan] IPADDR 0.0.0.0
Oct 7 21:41:10 pfsense ppp: [wan] COMPPROTO VJCOMP, 16 comp. channels, no comp-cid
Oct 7 21:41:10 pfsense ppp: [wan] IPCP: rec'd Configure Request #1 (Req-Sent)
Oct 7 21:41:10 pfsense ppp: [wan] IPADDR 121.50.212.9
Oct 7 21:41:10 pfsense ppp: [wan] 121.50.212.9 is OK
Oct 7 21:41:10 pfsense ppp: [wan] IPCP: SendConfigAck #1
Oct 7 21:41:10 pfsense ppp: [wan] IPADDR 121.50.212.9
Oct 7 21:41:10 pfsense ppp: [wan] IPCP: state change Req-Sent –> Ack-Sent
Oct 7 21:41:10 pfsense ppp: [wan] IPCP: rec'd Configure Reject #5 (Ack-Sent)
Oct 7 21:41:10 pfsense ppp: [wan] COMPPROTO VJCOMP, 16 comp. channels, no comp-cid
Oct 7 21:41:10 pfsense ppp: [wan] IPCP: SendConfigReq #6
Oct 7 21:41:10 pfsense ppp: [wan] IPADDR 0.0.0.0
Oct 7 21:41:10 pfsense ppp: [wan] IPCP: rec'd Configure Nak #6 (Ack-Sent)
Oct 7 21:41:10 pfsense ppp: [wan] IPADDR 120.29.18.243
Oct 7 21:41:10 pfsense ppp: [wan] 120.29.18.243 is OK
Oct 7 21:41:10 pfsense ppp: [wan] IPCP: SendConfigReq #7
Oct 7 21:41:10 pfsense ppp: [wan] IPADDR 120.29.18.243
Oct 7 21:41:10 pfsense ppp: [wan] IPCP: rec'd Configure Ack #7 (Ack-Sent)
Oct 7 21:41:10 pfsense ppp: [wan] IPADDR 120.29.18.243
Oct 7 21:41:10 pfsense ppp: [wan] IPCP: state change Ack-Sent –> Opened
Oct 7 21:41:10 pfsense ppp: [wan] IPCP: LayerUp
Oct 7 21:41:10 pfsense ppp: [wan] 120.29.18.243 -> 121.50.212.9
Oct 7 21:41:11 pfsense ppp: [wan] IFACE: Up eventMy ISP is OntheNet who have their own DSLAM in my local telephone exchange. It appears your ISP is Dodo. I can't vouch that pfSense will work "out of the box" with Dodo. (I had to tweak pfSense PPP configuration to get pfSense to talk with Virgin Mobile PPP on 3G but that didn't seem necessary to talk with Optus 3G. Dodo might have their own requirements on PPPoE.)
-
One forum reader has reported being unable to get PPPoE started UNLESS the physical interface had a static IP address. The physical interface will have a static IP address if you follow the configuration how to in the pfSense documentation pages (see http://doc.pfsense.org) for being able to use PPP and access ADSL modem. I certain followed that howto when I configured pfSense for use with the Tenda ADSL modem. I suspect I didn't perform a similar configuration when I attempted to use the two different ADSL modem/routers in bridge mode.
It is not clear to me why it would be necessary for the physical interface to have a static IP, but it is so useful to be able to access the modem web page (and the static IP is necessary for that) I haven't explored the consequences of not having static IP on the physical interface. (strictly speaking, I should probably point out I don't quite have that configuration: my PPPoE runs over a VLAN, the pfSense VLAN interface has the static IP and the underlying physical interface doesn't).
Hope I haven't written "too much" and confused you.
-
One forum reader has reported being unable to get PPPoE started UNLESS the physical interface had a static IP address.
Which interface are we talking about here? (that needs the static IP) is this the modem itself? Or the WAN of PFSENSE?
I have followed these instructions to set the Netcomm NB6 Modem up in bridge mode: http://www.google.com.au/url?sa=t&rct=j&q=&esrc=s&source=web&cd=2&ved=0CC8QFjAB&url=http%3A%2F%2Fmedia.netcomm.com.au%2Fpublic%2Fassets%2Fpdf_file%2F0020%2F41645%2FBCS-NB6.pdf&ei=AcVzUOWUGLG0iQeS74DgCQ&usg=AFQjCNE2NWvnIW2qvCGe75QrWSsMwsZ3AQ&sig2=_ZrLRyEQ-ij4ww_2yQualg&cad=rja
So do i need to put a static address somewhere , if so, where?
What about the static IP address that my ISP gives me (which I know)- does that come in to it?
Guess I'm asking for clarification of where this static IP needs to go/what you mean/how to set up?
The physical interface will have a static IP address if you follow the configuration how to in the pfSense documentation pages (see http://doc.pfsense.org) for being able to use PPP and access ADSL modem. I certain followed that howto when I configured pfSense for use with the Tenda ADSL modem. I suspect I didn't perform a similar configuration when I attempted to use the two different ADSL modem/routers in bridge mode.
Any chance you'd be able to point out the specific section I need to review in the docs?
Many thanks Wallabybob :)
-
My thought is that the modem may be able to do the pppoe while passing on the public address to your pfsense wan. But looks like your ISP may have their own firmware in the modem??
Set your modem back up as a bridge and your pfsense box to do the pppoe and then share your ppp logs here as wallabybob asked.
Just confirming the ISP does not have firmware in the modem, bought it elsewhere, and multiple other modems work (in standard non pfsense type configuration.
-
This is the specific section:
http://doc.pfsense.org/index.php/How_can_i_access_my_PPPoE_Modem_on_WAN#For_2.0Steve
-
One forum reader has reported being unable to get PPPoE started UNLESS the physical interface had a static IP address.
Which interface are we talking about here? (that needs the static IP) is this the modem itself? Or the WAN of PFSENSE?
The page http://doc.pfsense.org/index.php/Accessing_modem_from_inside_firewall describes configuration of pfSense to access a web server on a DSL or cable modem. Hereafter I assume you are running pfSense 2.x so you should ignore the first part of that document. If things aren't clearer after reading that, ask for clarification.
-
Having the exact same issue here. Only difference in my general setup is that i'm using a bridged TP-Link TD-8817 modem connected to WAN and my ISP is Clubtelco (dodo reseller) so same provider as the original poster of this topic. This setup works if i use another router in place of pfsense. If i have pfsense deal with the pppoe connection it fails to connect to the internet at all but it does show signs in the log that the connect attempt is getting through to the ISP.
I have attached the ppp.log file to this post
-
So tasdevil, does your PFsense dashboard show a red "x" for WAN like mine? I'm going to try the tips from Wallabybob in regards to http://doc.pfsense.org/index.php/Accessing_modem_from_inside_firewall , will report findings shortly
-
If i have pfsense deal with the pppoe connection it fails to connect to the internet at all but it does show signs in the log that the connect attempt is getting through to the ISP.
I don't have a lot of experience in interpreting PPP logs but my suspicion is that the server (ISP) is insisting on a MRU (Maximum Receive Unit) of 1500 while your end (pfSense) is insisting on a MRU of 1454. Have you specified a non-default MTU on the PPP interface in pfSense?
-
I don't have a lot of experience in interpreting PPP logs but my suspicion is that the server (ISP) is insisting on a MRU (Maximum Receive Unit) of 1500 while your end (pfSense) is insisting on a MRU of 1454. Have you specified a non-default MTU on the PPP interface in pfSense?
Tried manually specifying values 1500 and 1492 but it still didn't connect. I have attached another log output.
So tasdevil, does your PFsense dashboard show a red "x" for WAN like mine? I'm going to try the tips from Wallabybob in regards to http://doc.pfsense.org/index.php/Accessing_modem_from_inside_firewall , will report findings shortly
Yes i get the red x too, with or without the ethernet cable plugged into the WAN port. I do notice a difference when comparing the output of both our log files. In my log it is clear that there is communication happening between my pfsense box and the ISP but in yours the output is very much the same thing that i get if i unplug the ethernet cable from the WAN port. I would check to see if your interfaces are correctly assigned. pppoe0 should be selected in the WAN dropdown list under the Interface assignments tab. Also under the ppp tab the pppoe0 interface should be linked to your physical WAN port. In my case pppoe0 is linked to em0.
Another issue that may crop up for you if your internet is provided through a telstra port at the exchange. If there are too many failed attempts to connect via pppoe then the port will lock any more attempts out for around 5 minutes. I always have to pull the WAN cable for a bit before i can try to connect again. You can see this happening at the end of the log i provided attached to this post.
-
Tried manually specifying values 1500 and 1492 but it still didn't connect. I have attached another log output.
Something wrong with letting it default?