Cannot Get Bridged Modem to work with WAN PPPoE- what am I doing Wrong?
-
I don't have a lot of experience in interpreting PPP logs but my suspicion is that the server (ISP) is insisting on a MRU (Maximum Receive Unit) of 1500 while your end (pfSense) is insisting on a MRU of 1454. Have you specified a non-default MTU on the PPP interface in pfSense?
Tried manually specifying values 1500 and 1492 but it still didn't connect. I have attached another log output.
So tasdevil, does your PFsense dashboard show a red "x" for WAN like mine? I'm going to try the tips from Wallabybob in regards to http://doc.pfsense.org/index.php/Accessing_modem_from_inside_firewall , will report findings shortly
Yes i get the red x too, with or without the ethernet cable plugged into the WAN port. I do notice a difference when comparing the output of both our log files. In my log it is clear that there is communication happening between my pfsense box and the ISP but in yours the output is very much the same thing that i get if i unplug the ethernet cable from the WAN port. I would check to see if your interfaces are correctly assigned. pppoe0 should be selected in the WAN dropdown list under the Interface assignments tab. Also under the ppp tab the pppoe0 interface should be linked to your physical WAN port. In my case pppoe0 is linked to em0.
Another issue that may crop up for you if your internet is provided through a telstra port at the exchange. If there are too many failed attempts to connect via pppoe then the port will lock any more attempts out for around 5 minutes. I always have to pull the WAN cable for a bit before i can try to connect again. You can see this happening at the end of the log i provided attached to this post.
-
Tried manually specifying values 1500 and 1492 but it still didn't connect. I have attached another log output.
Something wrong with letting it default?
-
Something wrong with letting it default?
Sorry i should have mentioned that letting it default was the last thing i tried and the result of that is in the last log file i posted.
-
Ok some progress:
1. @ TasDevil. Understand your advice to check Wan dropdown list is set to PPPoE….yes...it it is. Second part you say "under ppp tab the ppoe0 interface should be linked to physical WAN port" Mate where do i find the "ppp tab" . do u mind clarifying.
2. @ Wallabybob - i have SUCCESSFULLY configured an additional interface to be able to access my modem, as detailed in your & Steve's instructions link. So Lan is still on 192.168.2.1 , but when i key in 192.168.1.1 it successfully brings up my modem GUI
That's all well and good, but what do I do now? Am i still trying to put my router in bridge mode?
-
1. @ TasDevil. Understand your advice to check Wan dropdown list is set to PPPoE….yes...it it is. Second part you say "under ppp tab the ppoe0 interface should be linked to physical WAN port" Mate where do i find the "ppp tab" . do u mind clarifying.
Go to (menus along the top) Interfaces –-> (assign) then use the tabs on that page. Tabs you want to check are "Interface assignments" and "PPPs". On the first tab i mentioned check that the WAN dropdown list has pppoe0 or pppoe1,2,3 etc selected as the network port. On the PPPs tab check that pppoe0 is linked to your physical interface for the WAN. In my case pppoe0 is linked to interface em0.
Hope this helps
-
Am i still trying to put my router in bridge mode?
If you want pfSense to talk PPPoE to your ISP the modem/router needs to be in bridge mode so PPP gets from your ISP to pfSense.
-
wallabybob, not sure what i need to do next?
I can access the modem's web interface when it is not in bridge mode, once it's in the bridge mode it wont even ping.
Have attached the latest PPP log and screenshots of my settings.
Still getting red X on dashboard for wan when it is in PPPoE mode, it will only work showing greeen and connection up when in DCHP mode
ppp.txt -
Are you sure your ISP doesn't require pppoa?
-
wallabybob, not sure what i need to do next?
Your screenshots show PPP using re0. You would also configure re0 with static IP address in the same subnet as the modem. You have an interface modemaccess with IP address 192.168.1.47. I presume therefore the modem has IP address in the 192.168.1.0/24 subnet. However I don't know where re2 connects. Possibly you have a multiport modem router and re0 AND re2 both connect to it. Maybe using both ports should work, I don't know the implementation details of your router. You should be able to use re0 for pppoe0 and use re0 for IP to talk with modem. So I suggest you reconfigure so WAN interface is pppoe0 and modem access is re0 and reboot.
-
Have attached the latest PPP log and screenshots of my settings.
Your PPP log shows no sign of a response from the ISP.
Are you sure your ISP doesn't require pppoa?
I think the modem would normally make the change from PPP encapsulation on Ethernet (PPPoE) to PPP encapsulation on ATM (PPPoA).
-
I have been running wireshark in order to take a look at the pppoe communication that is happening between pppoe client and the ISP during the failed connection attempts from pfsense as well as a successful attempts from the windows 7 pppoe client to my ISP. What i have found is that the connection attempt fails because pfsense and my ISP fail to agree on an MTU value. pfsense always seems to insist on using 1492 where as my ISP demands a value of 1500. I noticed in the windows 7 pppoe client that it will initially request a value of 1480 which fails, then 1492 which also fails. Finally it tries 1500 which is accepted and the connection completes.
I have tried forcing the MTU value to 1500 in the pppoe connection options but pfsense seems to ignore that and continues to insist on using 1492 as the MTU value during negotiation. Is there any way to force the value in a configuration file or via command line?
noddy184 your pfsense configuration looks fine from what i have seen in your screenshots. I suspect that your issue may be that your modem is not set to bridge mode. Once you have your modem set to bridge mode i suspect you will then run into the same issue as i am having at the moment since we use the same ISP.
-
I have tried forcing the MTU value to 1500 in the pppoe connection options but pfsense seems to ignore that and continues to insist on using 1492 as the MTU value during negotiation. Is there any way to force the value in a configuration file or via command line?
Where did you try changing it? I suspect it might have to be done from Interfaces -> (assign), click on PPPs tab, click on "e" to the right of the appropriate interface line, click on Show advanced options button, fill in the required MTU, click on Save (to update configuration file), click on Apply (to apply change to running system).
The check the ppp log again. If that doesn't show an improved result check the ppp configuration file: /var/etc/mpd_wan.conf for its mtu value.
-
Where did you try changing it? I suspect it might have to be done from Interfaces -> (assign), click on PPPs tab, click on "e" to the right of the appropriate interface line, click on Show advanced options button, fill in the required MTU, click on Save (to update configuration file), click on Apply (to apply change to running system).
The check the ppp log again. If that doesn't show an improved result check the ppp configuration file: /var/etc/mpd_wan.conf for its mtu value.
Yes that is where i changed it. I performed a reboot of the system just to be safe and tried again. pfsense still tries to use a value of 1492 after all that. I checked the mpd_wan.conf file and it has the correct value of 1500 for MTU so the change does apply there but pfsense seems to ignore it anyway.
Edit: i need to also note that i have also tried other freebsd based firewall OSs and they all have the same behaviour. None of them want to connect via pppoe. I have also tried linux based firewall OSs and those connect just fine.
-
I just tried bridging mode on a third modem, a Dlink DSL2750b, with no luck, refer log and screenshot. Says it's connected but it's not.
Getting frustrated it must be something simple!
[system log PPP dlink.txt](/public/imported_attachments/1/system log PPP dlink.txt) -
When it's in bridge mode correctly the modem will never show connected since pfSense is handling the PPPoE and IP level connection. It will show the dsl link status though.
For example see the attached screenshot from my modem that I'm using to write this!Steve
-
I just tried bridging mode on a third modem, a Dlink DSL2750b, with no luck, refer log and screenshot. Says it's connected but it's not.
Getting frustrated it must be something simple!
Actually… have a look at the last ppp log you posted.
Oct 11 15:51:17 ppp: [wan_link0] MRU 1492
Oct 11 15:51:17 ppp: [wan_link0] MAGICNUM 6bda01c0
Oct 11 15:51:17 ppp: [wan_link0] LCP: rec'd Configure Nak #22 (Ack-Sent)
Oct 11 15:51:17 ppp: [wan_link0] MRU 1500
Oct 11 15:51:17 ppp: [wan_link0] LCP: not converging
Oct 11 15:51:17 ppp: [wan_link0] LCP: parameter negotiation failed
Oct 11 15:51:17 ppp: [wan_link0] LCP: state change Ack-Sent –> Stopped
Oct 11 15:51:17 ppp: [wan_link0] LCP: LayerFinish
Oct 11 15:51:17 ppp: [wan_link0] PPPoE: connection closedYour bridged modem is now set up correctly. From the looks of that log there is communication happening between pfsense and your ISP (dodo). Congrats! you are now having the same issue as me with pppoe negotiation failing due to MTU. This only happens for me on pfsense. Every other firewall OS i try connects to pppoe fine.
-
you are now having the same issue as me with pppoe negotiation failing due to MTU. This only happens for me on pfsense.
Perhaps you could try a snapshot build of pfSense 2.1 whch includes a more up to date version of the PPP daemon (5.6) than is included in pfSense 8.1 (5.5).
-
Perhaps you could try a snapshot build of pfSense 2.1 whch includes a more up to date version of the PPP daemon (5.6) than is included in pfSense 8.1 (5.5).
Tried it just then and unfortunately the issue still exists. There must be an incompatibility with pppd and dodo's configuration on their end. I remember trying out pfsense back when i was on iinet and internode before that and pppoe worked perfectly fine.
-
Wonder if Dodo could do true bridged mode for you on their end.
I.E. no log in. Its basically an ethernet connection using a DSL modem.
-
Wonder if Dodo could do true bridged mode for you on their end.
I.E. no log in. Its basically an ethernet connection using a DSL modem.
Can't be done. All home ADSL connections here in Australia use PPPoA and PPPoE to my knowledge. It's just the way the network is set up here.
The above shouldn't have to be done anyway. If the Windows and Linux PPPoE clients can deal with dodo's configuration just fine then why can't pppd and pfsense or any other freebsd based routing OS? all that i've tried have the exact same issue.
