PFsense installation PPOE
-
Are you setting your existing modem into bridge mode? If not then you need to do this otherwise you are behind double NAT.
So you should have this:
Phone line - Modem (turned into bridge mode) - Pfsense box (set to PPPoE connection)- PC/switch/AP
As your modem is turned into bridge mode it disables firewall, WIFI and all of that it just turns packets into something PFsense can use. The authentication (PPPoE) is done on the router as all the modem is doing is transferring the packets to the Pfsense box.
I am guessing your router isnt in bridge mode so basically you have this
Phone line - Modem/router (PPPoE connection) - Pfsense box (also trying to do the PPPoE connection)
Why is works with static IP is your just putting it into double NAT mode and this would be very troublesome to setup.
Please forgive me if I am miles off whats happening but I am new to Pfsense really and just going off my experiences lol
-
i dont find any option to change to bridge mode , so i was planning to replace dlink router with PFSENSE PC with 2 NIC
DIR-600L
-
What model router is the dlink? might make it easier to see if its possible.
You will still need a modem there to deal with the network, I dont think there is a way you can remove it from the situation TBH.
The most ideal method is to bridge your modem, I have been running this and it works great.
If you cant bridge it maybe try to buy/borrow a router that you can do this on.
If you can give us the model of the router your using and also is it ISP supplied? as here ISP routers tend to be locked down so you cannot access such functions, But you could search to see if there is a default admin username and password to access the features they locked down.
-
http://www.dlink.co.in/products/?pid=544
DIR-600L
If it wont support then i think
ISP LINK –-- > [ISP WAN ]DLINK Router doing PPOE 192.168.1.1–-------->(WAN-192.168.1.2) PFSENSE (LAN 192.168.0.1)
and keep PFSENSE WAN IP 192.168.1.2 in DLINK's DMZ IP
this creates two nating , but it will works rite? with minimal latency issue (less than 50 devices )
-
Different model but i got this Dlink emulator link , can u show where is that option
http://support.dlink.com/emulators/ebr2310_revB/Advanced_Network.html
in this page it does says settings
http://support.dlink.com/emulators/ebr2310_revB/Help_Basic.html
but when i click setting in that web emulator and i real it doesnt show Bridge option
edit and if i doing bridging like u said , do i need to use crossover cable since i am connecting two router or is it auto sense?
-
Says in the help about bridge mode but I cannot find it anywhere. Has things about bigpond on it is yours the same? Was it supplied by ISP? as there is a good chance telstra locked that feature out as ISP want you to pay extra for that as they class it as a business application then haha.
ISP LINK –-- > [ISP WAN ]DLINK Router doing PPOE 192.168.1.1–-------->(WAN-192.168.1.2) PFSENSE (LAN 192.168.0.1)
and keep PFSENSE WAN IP 192.168.1.2 in DLINK's DMZ IP
just adding the PFsense IP into the DMZ host should work but its still double NAT and not ideal it just may be hard to port forward thing, I have only just ran mine in this mode a few days ago as I am troubleshooting major low upload speed but I never tried to see how port forwarding works and how programs work with it. The net loaded fine but I would say you could have issues forwarding ports.
edit and if i doing bridging like u said , do i need to use crossover cable since i am connecting two router or is it auto sense?
There is no need for a crossover, Infact I was told I may need one with the double NAT as you mentioned above but it works fine on mine as most network cards now days will identify what it needs to be and a patch cable should work now unless your using old networking card
-
NO ,We are using local Internet give to us using Ethernet cable and ppoe authentication
-
no currently we dont need portforward any ports , most r web traffic and we planning to use pfsense
to block sites with squid+squidguard and get usage reportok , i willl setup as dmz since mine not support bridge
isp–>router > LAN DHCP > pfsense with WAN DHCP and LAN in different network
all client have Gateway as Pfsense LAN IP
ISP Router settings
i keep PFsense IP in DMZdo i need to disable SPI and other security in ISP router ?
-
Oh ok. It may work without your dlink router. Give it a shot if not then you may have to just use it as in and put the pfsense box IP into the DMZ host IP.
Hit your friends and family up some one may have another router you can try configure into bridge. I usually have 4+ laying around lol.
You shouldnt need to disable anything on the dlink
It may not be needed so see how you go with what you have.
-
Configured Pfsense router as DMZ , working perfect , i noticed issues with double nating is issue with VPN and portforwarding . but since my ISP NAT again i cant use VPN or other , (previous ISP used to provided public IP dynamically , but current provide high speed by 172.30.x.x private ip range which is NATed , so no issue with double NATing
thank you