Need help connecting to a modem/router with NO bridge mode
-
To phil.davis Thanks for clarifying the NAT question. If I turn off DHCP on the isp device, then I will not need to give pfsense WAN a static IP, right? Because I can't assign static IP's in the isp device.
If you turn off DHCP on the ISP device, then you DO have to give pfSense WAN a static IP (on Interfaces->WAN on pfSense). You DO NOT have to make any setting on the ISP device - pfSense WAN and ISP device will have different static IPs in the same subnet and happily talk to each other over the cable.
But keep on with the bridge stuff, as Steven says:As I say though a bridged mode where pfSense gets a public IP address on its WAN is much better.
-
If you again set the modem in rfc1483 bridge mode and setup pfSense to do the PPPoE session (you may have to reboot the modem to clear any existing PPP sessions) then if pfSense gets a public IP you need to test for a connection from the pfSense box.
At the console try to ping 8.8.8.8. Then try to ping google.com. Note the actual response, the error given is almost always more informative than 'didn't work'. ;)
Steve
Edit: Grammar!
-
Had a busy night and didn't attempt to work on this at all, but thought I should quick ping you to let you know I am still working on it.
I will try a few things tomorrow and post back. Thank you for your help!
-
Sorry for the delay! Super busy week. I know it's not like anyone is waiting on pins and needles for me to post back, but I feel like it's the couteous thing to let people know I intend to get back to this thread in the next day or two.
-
Sorry for the delay! Super busy week. I know it's not like anyone is waiting on pins and needles for me to post back, but I feel like it's the couteous thing to let people know I intend to get back to this thread in the next day or two.
No problem! Let us know of result
-
Well I finally found time to take another crack at it and again came away empty handed.
Once again I set the isp device into transparent bridge mode (TBM) and after that I rebooted it just to be sure any current PPPoe sessions were ended. Then I booted my pfsense and it obtained a public ip address on the WAN. I connected the pfsense lan to a switch and my computer into the same switch, logged into the pfsense gui, and same as before could not access the internet.
I then attempted to ping Google (8.8.8.8) through the pfsense terminal (option 7 from the menu) and it failed. It did not give me an error code, it simply said "no route to host".
I then tried pinging Google from the GUI under the diagnostics menu. Same result. BUT when I changed the "from" field to WAN rather than leaving it on the default setting, I was able to successfully ping 8.8.8.8 Is this significant??
Once again I feel like I am really really close, and yet so far away.
I though about taking some screen shots inside the pfsense GUI, but there are so many I wasn't sure what would be relevant. My point is, if there is some data I can collect that will help diagnose this situation, I will gladly do so, but I obviously need some direction.
I really appreciate any help anyone can offer.
-
It did not give me an error code, it simply said "no route to host".
'No route to host' is a very useful error message. It tells us that the pfSense box cannot even send the ping because it doesn't know how to reach 8.8.8.8.
I then tried pinging Google from the GUI under the diagnostics menu. Same result. BUT when I changed the "from" field to WAN rather than leaving it on the default setting, I was able to successfully ping 8.8.8.8 Is this significant??
Very. If it can ping when you choose WAN manually that tells us that the default selection is not WAN, which of course it should be.
Most likely cause is that there is a gateway set on the LAN interface which has caused it to become the default route.
Go to Interfaces: LAN: and remove any gateway set there.
Go to System: Routing: Gateways: and remove the LAN gateway from there too (if it's still there). make sure the WAN gateway is set as default.Another possibility is that there is no gateway set at all on any interface. That would probably be some PPP issue.
Steve
-
It did not give me an error code, it simply said "no route to host".
'No route to host' is a very useful error message. It tells us that the pfSense box cannot even send the ping because it doesn't know how to reach 8.8.8.8.
I then tried pinging Google from the GUI under the diagnostics menu. Same result. BUT when I changed the "from" field to WAN rather than leaving it on the default setting, I was able to successfully ping 8.8.8.8 Is this significant??
Very. If it can ping when you choose WAN manually that tells us that the default selection is not WAN, which of course it should be.
Most likely cause is that there is a gateway set on the LAN interface which has caused it to become the default route.
Go to Interfaces: LAN: and remove any gateway set there.
Go to System: Routing: Gateways: and remove the LAN gateway from there too (if it's still there). make sure the WAN gateway is set as default.Another possibility is that there is no gateway set at all on any interface. That would probably be some PPP issue.
Steve
Well I would say it is really significant if you can ping out the WAN. Connection would be working then but there is something up for sure inside pfSense. Good idea steve.
-
Success!! YES!!
Obviously I am thrilled to report that pfsense is now working! I took stephenw10's advice and found a gateway set up on the lan interface. When pfsense failed to work the first time I tried it, I tweaked some settings (that being one of them) just to see what would happen. Oops :P
So, if we walk this back to the beginning, I'm pretty sure it would have worked immediately IF I had rebooted my isp device to clear any existing PPPoe session. The first time I set it in bridge mode I did not reboot before connecting my pfsense rig.
I also want to spell this out for the search engines to pick up for any hapless Frontier users out there. The Frontier Actiontec V1000W CAN be set to Transparent Bridge Mode (TBM) even though Frontier customer support and even their technical support desk will LIE to you and say it can't be done. Yes it can!! Frontier is FLAT OUT LYING to their clients because they don't want to support TBM for residential clients. Oh sure, if you are willing to pay double the monthly fee to have a "business" account they will support it, but why should I have to do that when the functionality is available to me as a residential client. That's extortion!! Worse, it's yet another example of an isp being out of touch with the needs of the market. There is NO WAY I am the only residential client who NEEDS access to bridge mode in order to take greater control over my internal network. With the modern home having dozens of connected devices, users need more control than ever, NOT LESS! Whew, thanks for letting me get that off my chest.
A huge thank you to all those who chimed in on this thread! I am really grateful, because I know I could not have gotten it done on my own. It's really great to know there is an active community of users for this really powerful and useful open source software. I am so pumped to go and play with my new ULTRA-POWERFUL router ;D
STATIC IP's FOR EVERYONE!!
-
Nice. :) Have fun!
Steve
-
If you ever go back to your Frontier supplied router in router mode, you may have problems. If your router says you are connected, but no clients can access internet sites, put this URL in a browser: http://192.168.1.1/frontier/redirect.htm (substitute your router's IP address if not 168.192.1.1). Click on the button on the page.