No public IP on WAN interface
-
Hi All. I am using a Motorola SBG6580 cable modem. I set my cable modem to BRIDGING mode and disabled DHCP Server on it. On my pfsense box I am getting a local IP 10.x.x.x when I set the interface to DHCP. My public IP is 170.x.x.x. I cannot port forward on the pfsense box I am guessing because of local ip vs public ip. I unticked Block private networks and loopback addresses & Block bogon networks for now while troubleshooting.
How do I get a public IP on WAN? Can port forwarding work in pfsense without it? Another possibly related issue is that the internet completely dies after about a day. From what I have read its probably due to DHCP issue. Renewing WAN interface seems to fix it temporarily (about 1 day). I have not yet contacted my ISP because this is not a standard config for customers and I wanted to rule out issues on my end first. Any advice would be greatly appreciated.
-
@sls:
No public IP on WAN interface
&
@sls:… My public IP is 170.x.x.x. ...
What is it, yes or no ?
IF your cable modem is in bridge mode, it is not dealing with the concept of "IP's" anymore. It is a simple "signal convert". Your WAN IP assigned to you by your ISP will be present on the WAN interface of pfSense. This interface should be setup per ISP instructions, like PPPOE or DHCP-client.
@sls:
I cannot port forward on the pfsense box I am guessing because of local ip vs public ip. I unticked Block private networks and loopback addresses & Block bogon networks for now while troubleshooting.
IF your modem / router is in router mode, it will propose a 'local' IP (like 10.0.0.0/24 or 192.168.1.0/24) to the WAN interface of pfSense (obtained by DHCP client or simply static). In that case the "Block private networks and loopback addresses" should NOT bet set on the WAN interface config ;)
"Block private networks and loopback addresses" could be set on the WAN interface config IF it possess a WAN (Internet routable) IP.
@sls:
How do I get a public IP on WAN?
As said above : your ISP will inform you how to obtain the IP.
Maybe PPPOE - maybe DHCP, maybe a static (fixed) IP.@sls:
Can port forwarding work in pfsense without it?
I had a simple ADSL modem (== bridge) for years. PAT was 'sooooo' simple, because the WAN interface was connected directly to the net.
pfSense, in that case, is not any different then any other "router" I used the last couple of decades.
Recently, I had to 'upgrade' my simple ADSL modem to some "big device" with plenty of functions - also knows as gadgets - that I don't need (like TV, telephone, Wifi, whatever) - AND it COULD NOT be put in 'bridge' mode …. >:( This means I had to create a "router after router" setup.
Two major consequences are :- My pfSense WAN IP becomes a 'local IP', I chose 192.168.10.x/24 - the IP was served by the DHCP server my ISP-Router in front of pfSense. Of course, I'm NOT stupid, I "MAC' locked my pfSense WAN DHCP lease so it becomes always the SAME local IP.
- PAT (port forwarding) had to be done IN the ISP-Router AND in pfSense. No big deal actually - it works fine when setup correctly.
@sls:
Another possibly related issue is that the internet completely dies after about a day. From what I have read its probably due to DHCP issue. Renewing WAN interface seems to fix it temporarily (about 1 day). I have not yet contacted my ISP because this is not a standard config for customers and I wanted to rule out issues on my end first. Any advice would be greatly appreciated.
Check the log in pfSense. The DHCP-client running on WAN is requesting (renewing) the actual lease ? Any answer back ?
Check out threads like this : https://forum.pfsense.org/index.php?topic=108531.0
-
@sls:
My public IP is 170.x.x.x.
Why do you think so?
If you will connect your PC directly to your modem - will you see that address on your Ethernet adapter status page?