Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    2.4 IPV6 issues

    Scheduled Pinned Locked Moved 2.4 Development Snapshots
    12 Posts 5 Posters 1.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      bimmerdriver
      last edited by

      A while back, I was trying to set up an HE tunnel using 2.4 to troubleshoot a problem I was having accessing mail.yahoo.com on 2.3 (which was nothing to do with pfsense or HE). I encountered a problem which seemed to be related to this bug: https://redmine.pfsense.org/issues/6828. The bug status indicates it's not a problem, but I never went back and confirmed.

      1 Reply Last reply Reply Quote 0
      • G
        grandrivers
        last edited by

        ok additional problem using 2 pppoe interfaces which works ok so far but appears to be an issue that is i set monitor address it applys correctly to pppoe1 but static routes seem to always get added to pppoe0

        pfsense plus 25.03 super micro A1SRM-2558F
        C2558 32gig ECC  60gig SSD

        1 Reply Last reply Reply Quote 0
        • D
          doktornotor Banned
          last edited by

          In case your dual/tripple PPPoE comes from the same ISP and uses the same gateway for each WAN, that's broken, unsupported by FreeBSD and generally a waste of time to debug.

          1 Reply Last reply Reply Quote 0
          • H
            heper
            last edited by

            @dok, isn't pppoe An exception to that limitation?

            1 Reply Last reply Reply Quote 0
            • D
              doktornotor Banned
              last edited by

              Not really, it works by accident but still buggy as described here (and in other ways). Definitely not supported configuration.

              1 Reply Last reply Reply Quote 0
              • G
                grandrivers
                last edited by

                I know guess I was just hoping cause i can't get any change from isp actually can't get any change from either of the 2 isps available to me
                I begged for MLPPP and then said equipment doesn't support it then told me what they are using for access concentrator to prove its unsupported but right in the manual it gives directions how to setup mlppp so its just a stupid policy

                pfsense plus 25.03 super micro A1SRM-2558F
                C2558 32gig ECC  60gig SSD

                1 Reply Last reply Reply Quote 0
                • G
                  grandrivers
                  last edited by

                  @doktornotor:

                  In case your dual/tripple PPPoE comes from the same ISP and uses the same gateway for each WAN, that's broken, unsupported by FreeBSD and generally a waste of time to debug.

                  I agree with exception of when someone doesn't have better options guess I could take one of the modems out of bridge mode and run double NAT? or unless someone has an idea i didn't think of ?
                  I cant afford a dedicated fiber connection (even though there are 3 different fibers that cross the property no one  that will or can sell out of them)
                  so from my experience less regulation will make my problem (internet) worse not better

                  pfsense plus 25.03 super micro A1SRM-2558F
                  C2558 32gig ECC  60gig SSD

                  1 Reply Last reply Reply Quote 0
                  • jimpJ
                    jimp Rebel Alliance Developer Netgate
                    last edited by

                    It's not ideal but you could always change the modem on one of the WANs to be a router so that the overlapping network is masked by NAT. Setup 1:1 NAT / "DMZ" on the modem to point everything to pfSense on that WAN and you should still be able to make a tunnel to HE.net work.

                    Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                    Need help fast? Netgate Global Support!

                    Do not Chat/PM for help!

                    1 Reply Last reply Reply Quote 0
                    • G
                      grandrivers
                      last edited by

                      yeah but then snort would not get true wan address in that setup ? is there any other pitfalls I haven't thought of ? also guess I could just run ipv4 only and wait on isps to enable ipv6?

                      pfsense plus 25.03 super micro A1SRM-2558F
                      C2558 32gig ECC  60gig SSD

                      1 Reply Last reply Reply Quote 0
                      • jimpJ
                        jimp Rebel Alliance Developer Netgate
                        last edited by

                        You'd still see the traffic coming in to snort, not sure it would really care about the destination.

                        If you're worried about snort and want it to have the public address directly, drop another little pfSense box or VM on that WAN to do just snort + pppoe + NAT.

                        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                        Need help fast? Netgate Global Support!

                        Do not Chat/PM for help!

                        1 Reply Last reply Reply Quote 0
                        • G
                          grandrivers
                          last edited by

                          could end up with my actual public ip blocked by snort as no way in that setup to whitelist automatically a changing ip

                          pfsense plus 25.03 super micro A1SRM-2558F
                          C2558 32gig ECC  60gig SSD

                          1 Reply Last reply Reply Quote 0
                          • First post
                            Last post
                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.