Cannot Get Bridged Modem to work with WAN PPPoE- what am I doing Wrong?
-
This is the specific section:
http://doc.pfsense.org/index.php/How_can_i_access_my_PPPoE_Modem_on_WAN#For_2.0Steve
-
One forum reader has reported being unable to get PPPoE started UNLESS the physical interface had a static IP address.
Which interface are we talking about here? (that needs the static IP) is this the modem itself? Or the WAN of PFSENSE?
The page http://doc.pfsense.org/index.php/Accessing_modem_from_inside_firewall describes configuration of pfSense to access a web server on a DSL or cable modem. Hereafter I assume you are running pfSense 2.x so you should ignore the first part of that document. If things aren't clearer after reading that, ask for clarification.
-
Having the exact same issue here. Only difference in my general setup is that i'm using a bridged TP-Link TD-8817 modem connected to WAN and my ISP is Clubtelco (dodo reseller) so same provider as the original poster of this topic. This setup works if i use another router in place of pfsense. If i have pfsense deal with the pppoe connection it fails to connect to the internet at all but it does show signs in the log that the connect attempt is getting through to the ISP.
I have attached the ppp.log file to this post
-
So tasdevil, does your PFsense dashboard show a red "x" for WAN like mine? I'm going to try the tips from Wallabybob in regards to http://doc.pfsense.org/index.php/Accessing_modem_from_inside_firewall , will report findings shortly
-
If i have pfsense deal with the pppoe connection it fails to connect to the internet at all but it does show signs in the log that the connect attempt is getting through to the ISP.
I don't have a lot of experience in interpreting PPP logs but my suspicion is that the server (ISP) is insisting on a MRU (Maximum Receive Unit) of 1500 while your end (pfSense) is insisting on a MRU of 1454. Have you specified a non-default MTU on the PPP interface in pfSense?
-
I don't have a lot of experience in interpreting PPP logs but my suspicion is that the server (ISP) is insisting on a MRU (Maximum Receive Unit) of 1500 while your end (pfSense) is insisting on a MRU of 1454. Have you specified a non-default MTU on the PPP interface in pfSense?
Tried manually specifying values 1500 and 1492 but it still didn't connect. I have attached another log output.
So tasdevil, does your PFsense dashboard show a red "x" for WAN like mine? I'm going to try the tips from Wallabybob in regards to http://doc.pfsense.org/index.php/Accessing_modem_from_inside_firewall , will report findings shortly
Yes i get the red x too, with or without the ethernet cable plugged into the WAN port. I do notice a difference when comparing the output of both our log files. In my log it is clear that there is communication happening between my pfsense box and the ISP but in yours the output is very much the same thing that i get if i unplug the ethernet cable from the WAN port. I would check to see if your interfaces are correctly assigned. pppoe0 should be selected in the WAN dropdown list under the Interface assignments tab. Also under the ppp tab the pppoe0 interface should be linked to your physical WAN port. In my case pppoe0 is linked to em0.
Another issue that may crop up for you if your internet is provided through a telstra port at the exchange. If there are too many failed attempts to connect via pppoe then the port will lock any more attempts out for around 5 minutes. I always have to pull the WAN cable for a bit before i can try to connect again. You can see this happening at the end of the log i provided attached to this post.
-
Tried manually specifying values 1500 and 1492 but it still didn't connect. I have attached another log output.
Something wrong with letting it default?
-
Something wrong with letting it default?
Sorry i should have mentioned that letting it default was the last thing i tried and the result of that is in the last log file i posted.
-
Ok some progress:
1. @ TasDevil. Understand your advice to check Wan dropdown list is set to PPPoE….yes...it it is. Second part you say "under ppp tab the ppoe0 interface should be linked to physical WAN port" Mate where do i find the "ppp tab" . do u mind clarifying.
2. @ Wallabybob - i have SUCCESSFULLY configured an additional interface to be able to access my modem, as detailed in your & Steve's instructions link. So Lan is still on 192.168.2.1 , but when i key in 192.168.1.1 it successfully brings up my modem GUI
That's all well and good, but what do I do now? Am i still trying to put my router in bridge mode?
-
1. @ TasDevil. Understand your advice to check Wan dropdown list is set to PPPoE….yes...it it is. Second part you say "under ppp tab the ppoe0 interface should be linked to physical WAN port" Mate where do i find the "ppp tab" . do u mind clarifying.
Go to (menus along the top) Interfaces –-> (assign) then use the tabs on that page. Tabs you want to check are "Interface assignments" and "PPPs". On the first tab i mentioned check that the WAN dropdown list has pppoe0 or pppoe1,2,3 etc selected as the network port. On the PPPs tab check that pppoe0 is linked to your physical interface for the WAN. In my case pppoe0 is linked to interface em0.
Hope this helps
-
Am i still trying to put my router in bridge mode?
If you want pfSense to talk PPPoE to your ISP the modem/router needs to be in bridge mode so PPP gets from your ISP to pfSense.
-
wallabybob, not sure what i need to do next?
I can access the modem's web interface when it is not in bridge mode, once it's in the bridge mode it wont even ping.
Have attached the latest PPP log and screenshots of my settings.
Still getting red X on dashboard for wan when it is in PPPoE mode, it will only work showing greeen and connection up when in DCHP mode
![dashboard - wan is showing cross.jpg](/public/imported_attachments/1/dashboard - wan is showing cross.jpg)
![dashboard - wan is showing cross.jpg_thumb](/public/imported_attachments/1/dashboard - wan is showing cross.jpg_thumb)
![interface assign ports.jpg](/public/imported_attachments/1/interface assign ports.jpg)
![interface assign ports.jpg_thumb](/public/imported_attachments/1/interface assign ports.jpg_thumb)
![interfaces ppp edit.jpg](/public/imported_attachments/1/interfaces ppp edit.jpg)
![interfaces ppp edit.jpg_thumb](/public/imported_attachments/1/interfaces ppp edit.jpg_thumb)
![interfaces ppp.jpg](/public/imported_attachments/1/interfaces ppp.jpg)
![interfaces ppp.jpg_thumb](/public/imported_attachments/1/interfaces ppp.jpg_thumb)
ppp.txt -
Are you sure your ISP doesn't require pppoa?
-
wallabybob, not sure what i need to do next?
Your screenshots show PPP using re0. You would also configure re0 with static IP address in the same subnet as the modem. You have an interface modemaccess with IP address 192.168.1.47. I presume therefore the modem has IP address in the 192.168.1.0/24 subnet. However I don't know where re2 connects. Possibly you have a multiport modem router and re0 AND re2 both connect to it. Maybe using both ports should work, I don't know the implementation details of your router. You should be able to use re0 for pppoe0 and use re0 for IP to talk with modem. So I suggest you reconfigure so WAN interface is pppoe0 and modem access is re0 and reboot.
-
Have attached the latest PPP log and screenshots of my settings.
Your PPP log shows no sign of a response from the ISP.
Are you sure your ISP doesn't require pppoa?
I think the modem would normally make the change from PPP encapsulation on Ethernet (PPPoE) to PPP encapsulation on ATM (PPPoA).
-
I have been running wireshark in order to take a look at the pppoe communication that is happening between pppoe client and the ISP during the failed connection attempts from pfsense as well as a successful attempts from the windows 7 pppoe client to my ISP. What i have found is that the connection attempt fails because pfsense and my ISP fail to agree on an MTU value. pfsense always seems to insist on using 1492 where as my ISP demands a value of 1500. I noticed in the windows 7 pppoe client that it will initially request a value of 1480 which fails, then 1492 which also fails. Finally it tries 1500 which is accepted and the connection completes.
I have tried forcing the MTU value to 1500 in the pppoe connection options but pfsense seems to ignore that and continues to insist on using 1492 as the MTU value during negotiation. Is there any way to force the value in a configuration file or via command line?
noddy184 your pfsense configuration looks fine from what i have seen in your screenshots. I suspect that your issue may be that your modem is not set to bridge mode. Once you have your modem set to bridge mode i suspect you will then run into the same issue as i am having at the moment since we use the same ISP.
-
I have tried forcing the MTU value to 1500 in the pppoe connection options but pfsense seems to ignore that and continues to insist on using 1492 as the MTU value during negotiation. Is there any way to force the value in a configuration file or via command line?
Where did you try changing it? I suspect it might have to be done from Interfaces -> (assign), click on PPPs tab, click on "e" to the right of the appropriate interface line, click on Show advanced options button, fill in the required MTU, click on Save (to update configuration file), click on Apply (to apply change to running system).
The check the ppp log again. If that doesn't show an improved result check the ppp configuration file: /var/etc/mpd_wan.conf for its mtu value.
-
Where did you try changing it? I suspect it might have to be done from Interfaces -> (assign), click on PPPs tab, click on "e" to the right of the appropriate interface line, click on Show advanced options button, fill in the required MTU, click on Save (to update configuration file), click on Apply (to apply change to running system).
The check the ppp log again. If that doesn't show an improved result check the ppp configuration file: /var/etc/mpd_wan.conf for its mtu value.
Yes that is where i changed it. I performed a reboot of the system just to be safe and tried again. pfsense still tries to use a value of 1492 after all that. I checked the mpd_wan.conf file and it has the correct value of 1500 for MTU so the change does apply there but pfsense seems to ignore it anyway.
Edit: i need to also note that i have also tried other freebsd based firewall OSs and they all have the same behaviour. None of them want to connect via pppoe. I have also tried linux based firewall OSs and those connect just fine.
-
I just tried bridging mode on a third modem, a Dlink DSL2750b, with no luck, refer log and screenshot. Says it's connected but it's not.
Getting frustrated it must be something simple!
![dlink in bridging mode says connected.jpg](/public/imported_attachments/1/dlink in bridging mode says connected.jpg)
![dlink in bridging mode says connected.jpg_thumb](/public/imported_attachments/1/dlink in bridging mode says connected.jpg_thumb)
[system log PPP dlink.txt](/public/imported_attachments/1/system log PPP dlink.txt) -
When it's in bridge mode correctly the modem will never show connected since pfSense is handling the PPPoE and IP level connection. It will show the dsl link status though.
For example see the attached screenshot from my modem that I'm using to write this!Steve