PPOE DSL connection with 8 fix IPs (no routed subnet)
-
I'm running pfsense since years on DSL using a routed subnet and this is just working perfectly. However i had to change the provider and my new provider assigned me 8 IPs (not a routed subnet) but i'm struggling to get a working configuration.
I configured pfsense to handle to PPOE login and i'm getting the following address on the pfsense interface.
IP: xxx.yyy.28.153/32
According to my ISP they assigned me the net xxx.yyy.28.152/29 which means i should be able to assign the IPs xxx.yyy.28.154-xxx.yyy.28.158 to my PPOE interface. I did try this with ARPproxy VIP and a 1:1 NAT to a system in my DMZ but i can't get to the DMZ server from the outside world.
On the internal Network this work fine.
I'm struggling to understand how my IPs can be reached from the PPOE connection (/32) and I would be extremely glad if someone could give a hint ::) here. -
Found this here
….you would have a static that is assigned to
the wan of your router using ipip, and the /29 is routed to that
address(think - ip route $subnet 255.255.255.248 $static). When that subnet
hits your router you can do pretty much anything you want to with it. We
usually suggest that customers assign the first usable to the lan of their
router (usually ala linksys variety) and make sure that nat(or gateway mode)
is turned off. They would set up their internal host using an ip out of the
subnet with the router internal as their gateway. Some customers even add a
second router for NATing (if you are using lo end soho routers that may be
your only option). ......I'll try this ans see how it goes.
-
.. got a bit closer to the issue I believe. :-
I found this article here http://alexbleicker.blogspot.ch/2013/12/how-to-use-pfsense-with-bt-infinity.html where the suggestion is to instead setting the VIP on the PPOE device, create the VIP on the localhost. -
Problem is fixed: My ISP had an issue on the routing on his site. This is the working setup
DSL line –> DSLmodem/router configured as bridge --> <pfsense>WAN interface configured as PPOE getting the 28.153/32--> VIP 28.154/29...128.155/29 and so on created on the localhost interface. NAT to forward the /29 IPs to the systems in the DMZ.
</pfsense>