No IP address displayed

doktornotor

Cannot you just add serial port in Virtualbox and use that as console?

stephenw10

You could but there's no need to do that you can already access the virtual VGA console. To configure the WAN for PPPoE you pretty much need to do it from the LAN side via the webgui.

Any second opinions on this are welcomed. As I said earlier in the thread I've used VBox only a few times and not recently so most of what I've said here is based on research rather than experience.

Steve

doktornotor

Only have ESXi and Hyper-V boxes available ATM, so… afraid I won't be of much help. I kinda don't understand what's the trouble here then. The web GUI does not work with WAN down, or what? If it does not, what's the problem with assigning some static temp IP to WAN meanwhile, just to get it running?

stephenw10

There are two issues.
The first is configuring the pfSense WAN interface to connect using PPPoE via a bridged adapter in VBox to the physical NIC and the cable modem. However we havne't yet actually tackled that because of the second issue…
Configuring the pfSense WAN to PPPoE needs (or is very much easier) to be done from the LAN side. Here the LAN interface is connected to an internal virtual network only so we have added an Ubuntu VM on that same network in order to fire up a browser and point it at the pfSense webgui. Currently the Ubuntu VM is not receiving an IP from the pfSense DHCP server. This should be pretty easy to accomplish. It's not helped by the fact that earlier access to the pfSense webgui was established via some accidental bridging route.

If you're up for it read back through the thread, try not to shout at the computer to much! ;)

Steve

satimis

Hi all,

Performed following steps but still fail.

Connection
ISP -> Modem -> PC

Make following changes:

Host

/etc/network/interfaces```

The loopback network interface

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
#(configure Debian host not using DHCP for the eth0 interface)

auto vboxnet0
iface vboxnet0 inet dhcp
#(configure debian host to connect to the pfSence router via the LAN port)


pfSense:
======
NIC1 of pfSence host - Adapter 1 - Bridged to eth0\. (also tried eth1/Internal Network)
NIC2 Adapter 2 - Host-Only Adapter
Name vboxnet0

Reboot Host

$ sudo ifconfig```

eth1      Link encap:Ethernet  HWaddr 90:f6:52:03:57:86  
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
          Interrupt:43 Base address:0xc000 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:24 errors:0 dropped:0 overruns:0 frame:0
          TX packets:24 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:1584 (1.5 KiB)  TX bytes:1584 (1.5 KiB)

vboxnet0  Link encap:Ethernet  HWaddr 0a:00:27:00:00:00  
          inet addr:192.168.56.1  Bcast:192.168.56.255  Mask:255.255.255.0
          inet6 addr: fe80::800:27ff:fe00:0/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:54 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 B)  TX bytes:9229 (9.0 KiB)

Started pfSense


....
....
Configuring WAN interface .... starting pppoe link... done
.......
Starting NTP time client...Error : hostname nor servname provided, or not known
(held here for sometime)

WAN (wan)  ->  pppoe0  ->  NONE (PPPoE)
LAN (lan)  ->  em0  ->  192.168.1.1
....
....

(see attached photo image)

VM Ubuntu 12.04 64bit

Adapter -1
Bridge
eth0

Start VM
Warning:```

The virtual machine execution may run into an error condition as
described below. We suggest that you take an appropriate
action to avert the error.

Bridged interface eth0 is down. Guest will not be able to use
this interface.

Details
Error ID: BridgeInterfaceDown
Severity: Warning


Login pfSense (192.168.1.1)

Username
admin
Password
pfsense
-> Login

-> Interfaces -> WAN
Description  WAN

Type  PPPoE

Username (xxxxxxx)
Password (xxxxxx)

(check)
Block private networks
Block bogon networks
-> Save

Warning```

Interfaces: WAN
The WAN configuration has been changed.
You must apply the changes in order for them to take effect.
Don't forget to adjust the DHCP Server range if needed after applying.

-> Apply Changes

-> Status -> Interfaces -> click (connect)

Still failed (see attached photo image)

According to following document:-
pfSense initial configuration with ADSL WAN
http://www.interspective.net/2012/05/pfsense-initial-configuration-adsl-wan.html


....
The first thing you want to do is use a web browser to connect to your old modem / router and set the WAN interface to 'Bridge Mode'. Once you've logged in you will need to find the WAN type....

First I'm not allowed to touch the modem, impossible making change on its settings. Besides there will be no sense using the router to continue this test. My goal is using vRouter (pfSense)

I think my chance of success being remote? I'll buy a new router after switching to the new ISP on the coming April (the current router is on loan).

Rgds
satimis

Screenshot_pfsense_20140309.png_thumb

Screenshot_wan_interface_20140309.png_thumb

Screenshot_lan_20140310.png_thumb

doktornotor

If you are not able to configure the modem in any way, you cannot use pfSense to dial PPPoE. That's pretty much the whole story.

satimis

@doktornotor:

If you are not able to configure the modem in any way, you cannot use pfSense to dial PPPoE. That's pretty much the whole story.

Hi,

Thanks for your advice.

I consider not to spend further effort here because less than a month I'll use a new ISP. Then I'll try again before purchasing a new router. I'm subscribing Static IP. I'll make request to the new ISP for changing the settings on their ONT. They'll provide ONT not cable modem for HTTH Optical Fibre Network. My current ISP is not providing Optical Fibre Service.

I have the photo of the ONT attached here which is provided by the new ISP

There are 2 ports. I think I can use them connecting my 2 PCs? But how to assign LAN IP to VMs without a router?

Rgds
satimis

Screenshot_ont.png_thumb

stephenw10

You don't need to put your router in bridge mode because you have a separate modem and router. You have removed the router entirely leaving just the modem which expects to see a PPPoE connection.

Here's the think though. You are making this far more difficult than it needs to be by trying to do everything at once. The way to solve problems like this is to do in one step at a time. Right now you're trying to solve the PPPoE connection, the connection to the host and connection to the Ubuntu VM simultaneously. You are also changing many things between each post so that diagnosing what effect the changed have had becomes far more difficult.

The 192.168.56.X address given by the host only adapter to the host is an address given out by VBox when it's NATing. You probably don't want that.

Here's what I would do:
Solve one thing at a time. So first I would setup the connection between the pfSense VM and the Ubuntu administration VM.
Please put the router back in place so that it's handing out IPs. Setup the pfSense VM with two adapters as you did before:

pfSense
Adapter 1
Bridge
eth0

Adapter 2
Internal Network
intnet

Set the pfSense WAN interface to DHCP. It should receive an IP address on the WAN from the router. Now you know you have the correct adapter assigned to the WAN.

Set the Ubuntu VM adapter to:

Adapter 1
Internal Network
intnet

Set Ubuntu to use DHCP. Now it should receive an IP address from the pfSense DHCP server. If it does not we will try to solve that first before doing anything else. We need that connection work.

Steve

satimis

@stephenw10:

snip -

Please put the router back in place so that it's handing out IPs. Setup the pfSense VM with two adapters as you did before:

pfSense
Adapter 1
Bridge
eth0

Adapter 2
Internal Network
intnet

Set the pfSense WAN interface to DHCP. It should receive an IP address on the WAN from the router. Now you know you have the correct adapter assigned to the WAN.

Set the Ubuntu VM adapter to:

Adapter 1
Internal Network
intnet

Set Ubuntu to use DHCP. Now it should receive an IP address from the pfSense DHCP server. If it does not we will try to solve that first before doing anything else. We need that connection work.

Set connection as advised;

ISP -> Modem -> Router -> PC

also set config as advised.

Started pfSense followed by VM

Login gui pfSense
Wan -> DHCP
-> Applied changes

Status -> Interfaces
Status down
DHCP down [renew] (no function on clicking)

Rebooted pfSense, it held here;```

.....
Do you want tp set VLANs [y|n] em1: DAD detected duplicate IPv6 address
fe80:2::226:10ff:fe44:b61a: NS in/out=0/1 NA in=1
em1: DAD complete for fe80:2::226:10ff:fe44:b61a - duplicate found
em1: manual intervention required
em1: possible hardware address duplication detected,l disable IPv6


Edit:
===
Host
/etc/network/interfaces```

# The loopback network interface
auto lo
iface lo inet loopback

satimis

Screenshot_interfaces_20140310.png_thumb

stephenw10

Ok, well we have some new information at least!
That duplicated IPv6 address is probably because both the pfSense WAN and the Host, PC1, are requesting addresses using the same MAC address. They share the same physical MAC. I'm unsure why that didn't happen before. There is probably a work around by spoofing the MAC but if you don't need IPv6 you can just go to Interfaces: WAN: and set the IPv6 configuration type to 'none'. I assume you had set that to DHCP. Obviously leave the IPv4 type as DHCP.

So you had no problem connecting to the LAN from the Ubuntu VM? Did it receive an IP from the pfSense DHCP server? You can check it in Status: DHCP leases:

Steve

satimis

On Host before firing up pfSense

$ sudo ifconfig```

eth0 Link encap:Ethernet HWaddr 00:26:18:44:b6:1a
inet addr:192.168.0.10 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::226:18ff:fe44:b61a/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:231980 errors:0 dropped:0 overruns:0 frame:0
TX packets:144575 errors:0 dropped:0 overruns:0 carrier:1
collisions:0 txqueuelen:1000
RX bytes:322513726 (307.5 MiB) TX bytes:13891455 (13.2 MiB)
Interrupt:18

eth1 Link encap:Ethernet HWaddr 90:f6:52:03:57:86
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Interrupt:43 Base address:0x4000

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:480 (480.0 B) TX bytes:480 (480.0 B)


> That duplicated IPv6 address is probably because both the pfSense WAN and the Host, PC1, are requesting addresses using the same MAC address. They share the same physical MAC. I'm unsure why that didn't happen before. There is probably a work around by spoofing the MAC but if you don't need IPv6 you can just go to Interfaces: WAN: and set the IPv6 configuration type to 'none'. I assume you had set that to DHCP. Obviously leave the IPv4 type as DHCP.

Before changing pppoe back to DHCP I have put the MAC Address of eth0 "00:26:18:44:b6:1a" there (IIRC).  During changing pppoe to DHCP I deleted that MAC Address.

Now I couldn't start pfSense anymore it was held on;```

.....
Do you want tp set VLANs [y|n] em1: DAD detected duplicate IPv6 address
fe80:2::226:10ff:fe44:b61a: NS in/out=0/1 NA in=1
em1: DAD complete for fe80:2::226:10ff:fe44:b61a - duplicate found
em1: manual intervention required
em1: possible hardware address duplication detected,l disable IPv6

satimis

stephenw10

So you tried disabling DHCPv6?

At that screen you should still be able to answer 'N' to the VLANs question and continue the pfSense setup. The duplicate IP warning is just informational. It shouldn't stop you continuing.

Steve

satimis

@stephenw10:

So you tried disabling DHCPv6?

At that screen you should still be able to answer 'N' to the VLANs question and continue the pfSense setup. The duplicate IP warning is just informational. It shouldn't stop you continuing.

I was stuck there. Actually I was not allowed to keyin any imput. All were done automatically eversince starting pfSense.

This version of pfSense was imported on pfSense-2.0.3-RELEASE-amd64.ova download on Internet. Would this .ova have problem?

I also have pfSense-LiveCD-2.1-RELEASE-amd64.iso.gz download. I can create another VM installing this version.

satimis

satimis

Hi Steve

Created another pfSense VM (name=pfSense2.1) on pfSense-LiveCD-2.1-RELEASE-amd64.iso.gz download on pfSense site.


pfSense2.1
========
Adapter 1
Bridge
eth0

Adapter 2
Internal Network
intnet


VM Ubuntu 12.04
==============
Adapter 1
Internal Network
intnet

This time it works
–-------------------
Fire up pfSense2.1


WAN (wan)  -> em0  -> v4/DHCP4: 192.168.0.15/24
LAN (lan)  -> em1  -> v4: 192.168.1.1/24

WAN gets DHCP on physical Router

Start VM

$ sudo ifconfig```

eth1 Link encap:Ethernet HWaddr 08:00:27:5a:3d:a4
inet addr:192.168.1.101 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe5a:3da4/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:12104 errors:0 dropped:0 overruns:0 frame:0
TX packets:10357 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:13944700 (13.9 MB) TX bytes:1169137 (1.1 MB)

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:1627 errors:0 dropped:0 overruns:0 frame:0
TX packets:1627 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:226777 (226.7 KB) TX bytes:226777 (226.7 KB)


VM obtains IP on pfSense2.1

I can login pfSense2.1 on VM

satimis

stephenw10

Ok, excellent. Remember those settings! :)

So now there are two further problems to be tackled one at a time.
1. Change the WAN connection to PPPoE directly from pfSense.
2. Add a host adapter so the host also uses pfSense as it's internet gateway.

Personally I would try to do 1 first but it's up to you. Don't try to do both at the same time though it will only introduce further confusion.

Steve

satimis

@stephenw10:

So now there are two further problems to be tackled one at a time.
1. Change the WAN connection to PPPoE directly from pfSense.
2. Add a host adapter so the host also uses pfSense as it's internet gateway.

Personally I would try to do 1 first but it's up to you. Don't try to do both at the same time though it will only introduce further confusion.

Ok I'll do step-1 first without changing Adapter 1 and 2 of pfSense. I'll do direct editing on gui pfSense to change DHCP to PPPoE

How about the devices connection? Still behind the router?

OR
ISP -> Modem -> PC ?

Shall I add the MAC Address of eth0 ?

If unsuccessful I'll add Step-2 which, I suppose, is an addition to Step-1?

I'm not very clear of;

2. Add a host adapter so the host also uses pfSense as it's internet gateway.

Whether add another Adapter to pfSense
Adapter 3
Host-Only Adapter
Name: vboxnet0

And edit /etc/network/interfaces of Host as;```

The loopback network interface

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
Address 192.168.1.2
Netmask 255.255.255.0
Gateway 192.168.1.1

auto vboxnet0
iface vboxnet0 inet dhcp


Please advise.  Thanks

satimis

stephenw10

Ok so to do part one, yes, change the pfSense WAN interrface to PPPoE and connect the modem directly the bridged host NIC.
Enter the correct PPP username/password in pfSense. Reboot the modem.
If it doesn't connect check the system and PPP logs in pfSense to see how far it got for clues.

For part 2 that's exactly what I would do though when I read through the documentation I wasn't able to fully understand how the 'host only' adapter functions.
In pfSense go to Interfaces: (assign) and click the '+' icon and bottom to add a new interface. It will be OPT1 but you can rename it, say, HOST, if you like. Enable the interface and give it an IP address and subnet, something you're not using anywhere else. Go to Firewall: Rules: OPT1: and add a rule to allow out traffic, use the default allow rule from LAN as a template. Go to Services: DHCP Server: and add a DHCP sever to OPT1. Since you will only ever have one machine in that subnet you could use static IPs instead.

Steve

satimis

@stephenw10:

Ok so to do part one, yes, change the pfSense WAN interrface to PPPoE and connect the modem directly the bridged host NIC.
Enter the correct PPP username/password in pfSense. Reboot the modem.

login gui pfSense

-> WAN
IPv4 Configuration Type PPPoE
IPv6 Configuration Type DHCP6
DHCPv6 Prefix Delegation size 64
Username xxxxx
Password xxxxx

(check) Block private networks
(check) Block bogon networks

-> Save
-> Apply Changes

After a while

Start VM Ubuntu 12.04
$ sudo ifconfig```

[sudo] password for satimis:
eth1 Link encap:Ethernet HWaddr 08:00:27:5a:3d:a4
inet addr:192.168.1.100 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe5a:3da4/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1656 errors:0 dropped:0 overruns:0 frame:0
TX packets:1088 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1311226 (1.3 MB) TX bytes:146582 (146.5 KB)

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:504 errors:0 dropped:0 overruns:0 frame:0
TX packets:504 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:38378 (38.3 KB) TX bytes:38378 (38.3 KB)


$ ping yahoo.com```

PING yahoo.com (98.139.183.24) 56(84) bytes of data.
64 bytes from ir2.fp.vip.bf1.yahoo.com (98.139.183.24): icmp_req=1 ttl=46 time=254 ms
64 bytes from ir2.fp.vip.bf1.yahoo.com (98.139.183.24): icmp_req=2 ttl=46 time=278 ms
64 bytes from ir2.fp.vip.bf1.yahoo.com (98.139.183.24): icmp_req=3 ttl=46 time=235 ms

It works !

I get it connected to ISP !

Reboot pfSense```

WAN (wan) -> pppoe0 -> v4/PPPoE: 2xx.2xx.2xx.1xx/32
LAN (lan) -> em1 -> v4: 192.168.1.1/24


It shows the static IP which I subscribe.

> If it doesn't connect check the system and PPP logs in pfSense to see how far it got for clues.

Whether on pfSense terminal

-> 12) pfSense Developer Shell
and look for PPP logs there ?

> For part 2 that's exactly what I would do though when I read through the documentation I wasn't able to fully understand how the 'host only' adapter functions.
> In pfSense go to Interfaces: (assign) and click the '+' icon and bottom to add a new interface. It will be OPT1 but you can rename it, say, HOST, if you like. Enable the interface and give it an IP address and subnet, something you're not using anywhere else. Go to Firewall: Rules: OPT1: and add a rule to allow out traffic, use the default allow rule from LAN as a template. Go to Services: DHCP Server: and add a DHCP sever to OPT1\. Since you will only ever have one machine in that subnet you could use static IPs instead.

Interface -> assign
click '+' to add a new interface OPT1
-> Save

Interfaces -> OPT1 -> (check) Enable Interfaces
IPv4 Configuration Type  Static IPv4
IPv6 Configuration Type  None

IPv4 address  192.168.1.8
Gateway  None
(check)  Block private networks
(check)  Block bogon networks
-> Save -> Apply changes

-> Firewall -> Rules -> OPT1
-> add new rule
Action  Pass
Interface  OPT1
TCP/IP Version  IPv4
Protocol  TCP
- > Save

Service -> DHCP server
(check) Enable DHCP server on OPT1 interface

I was stuck here.

What range shall I fill in here avoiding the warning: ???```

The following input errors were detected:
The specified range lies outside of the current subnet.

Thanks

satimis

Screenshot_dhcp_server.png_thumb

phil.davis

You have used a /32 subnet mask on OPT1, so there are no other addresses available other than the pfSense OPT1 address. I think (without having read too much of this thread) that yourOPT! is supposed to be a different subnet to LAN, and will connect the host OS through to pfSense.
You need to put a different subnet than on the internal VM-based LAN - e.g. make it the pfSense OPT1 192.168.2.1/24 - then you can make a big (or small) dhcp range, like 192.168.2.10 to 192.168.2.99

stephenw10

@satimis:

-> WAN
IPv4 Configuration Type PPPoE
IPv6 Configuration Type DHCP6
DHCPv6 Prefix Delegation size 64
Username xxxxx
Password xxxxx

Unless you need to have IPv6 enabled here, and your ISP is supplying it via DHCPv6, I would set WAN IPv6 to 'none'.

@satimis:

$ ping yahoo.com```

PING yahoo.com (98.139.183.24) 56(84) bytes of data.
64 bytes from ir2.fp.vip.bf1.yahoo.com (98.139.183.24): icmp_req=1 ttl=46 time=254 ms
64 bytes from ir2.fp.vip.bf1.yahoo.com (98.139.183.24): icmp_req=2 ttl=46 time=278 ms
64 bytes from ir2.fp.vip.bf1.yahoo.com (98.139.183.24): icmp_req=3 ttl=46 time=235 ms
It works !

I get it connected to ISP !

Nice! :)

@satimis:

-> 12) pfSense Developer Shell
and look for PPP logs there ?

Nope the PPP logs can be found via the webgui. Status: System Logs: PPP tab.
However I wouldn't worry about that because you have managed to connect successfully, the logs will just detail the connection succeeding.

@satimis:

Interfaces -> OPT1 -> (check) Enable Interfaces
IPv4 Configuration Type Static IPv4
IPv6 Configuration Type None

IPv4 address 192.168.1.8
Gateway None
(check) Block private networks
(check) Block bogon networks

Like Phil has pointed out you are already using the 192.168.1.X subnet for LAN. You need to use something like 192.168.2.X.
The Block bogon and private network boxes should be unchecked.

@satimis:

-> Firewall -> Rules -> OPT1
-> add new rule
Action Pass
Interface OPT1
TCP/IP Version IPv4
Protocol TCP

What did you put for the source and destination? Can we get a screenshot of this rule please.

Steve