Pfsense + Thomson ST510
-
The reason I asked you to ping google.com as well as 8.8.8.8 was to determine if DNS was working. At this point it's probably not relevent since pinging by IP didn't work but the first thing that you see when pinging by URL is:
[2.1.3-RELEASE][root@pfsense.fire.box]/root(1): ping google.com PING google.com (173.194.34.174): 56 data bytes 64 bytes from 173.194.34.174: icmp_seq=0 ttl=56 time=13.773 msYou can see that it has resolved the url to an IP.
I notice that the IP you're given when set to DHCP on WAN is still a private address in the 10.0.0.0/8 range. Is that the same type of address that the Thompsom router gets if it's connecting without pfSense?
Steve
-
If your ISP really is handing out 10/8 IPs, if it's doing CGN for example, then you may have to disable the firewall in the ST510. You probably want to do that anyway.
http://www.petenetlive.com/KB/Article/0000210.htm
If having selected to assign the public IP to a device in the router you can still access the internet by using the routers lan side subnet details manually then I would suggest it has not correctly assigned the public IP.
Steve
-
Yes, My ISP's gateway is in the 10. range. (Private range) my thomson router has a 10.0.0.138 IP but this cannot be reached at all when I set my WAN to DHCP.
-
What subnet is your ISP handing the WAN?
Some ISPs are now handing out /32 subnets via DHCP which is not a standards compliant configuration. Other OSes allow this configuration (Windows, some Linux distros) but FreeBSD does not. There is a workaround.Steve
-
I believe it's a /30.
Not entirely sure - you've got to realize that the ISP we are dealing with here isn;t your usual ISP, they do things very differently.
I'm within this range.
https://apps.db.ripe.net/search/query.html?searchtext=77.86.33.157&searchSubmit=search#resultsAnchor
I'll be honest I think it's a slash /30 but it COULD be A /32
Anyway I can find out ??
-
Ah, the broadband principality of Hull! ;)
The address in that link is not handed to you then?
Go to Status: Interfaces: in the webgui. All the details handed to you should be there.
Steve
-
Screenies:
-
Any Ideas ?
And thanks by the way I appreciate the help - I'd love to get this working… If I can!!!
I'm lost, I cant think of anything else to try!!
-
Would the following work.
I assign an IP on my WAN for example 77.86.33.156….
And my Gateway set that to... the actual IP that I get from DHCP from my ISP ?
Would/Should that work ?
-
Ah, I just re-read the thread and now it makes more sense. I had assumed that because the gateway being given to you is 10.X.X.X then the IP would similarly be 10.x.x.x. But no.
Ok well the gateway address you are being sent, 10.55.200.44, is outside the subnet of your WAN address which is a real public IP. The subnet mask you're being sent is a /8 which is really weird. Like you say Kcom are not a 'normal' ISP! ::)
The workaround should still apply here but the details you have are very odd. If you connect the router in the normal way, without pfSense, does it too receive these same (or similar) details?
Anyway the workaround for this is to add a route to the gateway address. See:
https://redmine.pfsense.org/issues/972
Specifically at the console enter these two commands:# route add -net 10.55.200.44/32 -iface rl0 # route add default 10.55.200.44If that works then you can add the commands to Shellcmd so they run at each boot.
We might need some input from a higher source on this though because it looks….wrong! ???
Steve
-
Thanks yes it is an odd setup and yes even usjng the thomson on its own I get alk of the same IP settingd same subnet n everything.
Ok thanks for those commands ill try them when I get chance to get back on my machine.
what exactly will those commands do ???
-
This is a very old post but may still be relevant:
http://karooforums.net/index.php/topic,483.msg4677.html
I expect to see something similar to that posters gateway settings. The issue you may have is the gateway address you're given changes if you reconnect the modem for whatever reason.Are you active on the Karoo forum? Maybe time to join if not. There's sure to be some people trying to do something similar there.
Those commands add a route to the gateway IP via your WAN interface, because otherwise pfSense has no idea how to reach it, and then sets the gateway IP as the default route for all traffic.
Steve
-
Ok when I do dhcp on the WAN that 10. Adress does appear in gateways… is that not the same thing ?? Its gets this from dhcp.
-
The same thing as what? What the commands do? Yes except that it cannot be set as default route because without those commands pfSense cannot get to the gateway address, it's outside the subnet of the WAN.
Steve
-
Im going to try the commands tonight - will keep you posted!!
Thanks
-
-
Thanks for all your help!!!
-
Ok. :)
Those routes will only stay in place until your re-boot the pfSense box so to make them run each time the box is booted install the shellcmd package and them add them to it.
The other thing is that this depends entirely on Karoo always giving you the same IP details, or at least the same gateway. They may or may not do that. Their setup seems so odd it's impossible to even speculate! If they don't then what is needed is a script to enter the routes based on whatever gateway is given. There were several comment to that effect in the bug report but nothing I've actually seen.
It would be great to get a second oppinion on just what's going on here. Anyone?
Also I would definitely suggest a post on the Karoo forum. You fellow subscribers will have faced this before any will probably have more info.
Steve
-
Hi, Ive added package ShellCMd and have added those commands - and it works!!
I do have one little problem though and if I could solve it everything would be perfect!!
For some reason I'm getting dropouts when browsing the internet…. under Interfaces - I have errors 0/12.
Any Ideas ?
-
Which interface is that?
If it's the wifi interface then it's to be expected. For example my own home ath interface:Status up MAC address 00:11:f5:**:**:** - Askey Computer IPv4 address 192.168.10.1 Subnet mask IPv4 255.255.255.0 IPv6 Link Local fe80::211:f5**:****:****%ath0_wlan0 Media autoselect mode 11g <hostap>Channel 8 SSID ******** BSSID 10:bf:48**:**:** Rate 48M RSSI 16.5 In/out packets 288630/321309 (32.64 MB/327.74 MB) In/out packets (pass) 288630/321309 (32.64 MB/327.74 MB) In/out packets (block) 950/0 (184 KB/0 bytes) In/out errors 3/119 Collisions 0</hostap>What do you mean by drop outs?
Steve
