Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IPhone Tethering to pfSense

    Scheduled Pinned Locked Moved Hardware
    64 Posts 7 Posters 18.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • GertjanG
      Gertjan
      last edited by Gertjan

      That's a partial ntp discussion, loading the list with peers from the default "0.pfsense.pool.ntp.org" pool.

      edit : wait ..... you are really using an iPhone, the 'USB cable' as a networked WAN device ? Interesting.

      No "help me" PM's please. Use the forum, the community will thank you.
      Edit : and where are the logs ??

      E 1 Reply Last reply Reply Quote 1
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        Looks like it's querying DNS on the phone. We've yet to see anything other than the phone's local IP as the destination.

        Does pfSense still have some other gateway it's using?

        You can specify that gateway of you go to Diag > Ping, say, and ping something external. You should see that in a packet capture.

        Steve

        1 Reply Last reply Reply Quote 1
        • E
          eiger3970
          last edited by eiger3970

          VM pfSense Interfaces are:
          WAN (the old Ethernet connection via the hypervisor), currently showing IP address 0.0.0.0.
          LAN (the current and working local area network), currently showing IP address 192.168.1.170.
          WAN2 (the USB passthrough from the hypervisor to VM pfSense), currently showing IP address 0.0.0.0.

          The hypervisor has the VM pfSense Hardware with a network device configured as:
          net0 virtio=ma:ca:dd:re:ss:00,bridge=vmbr0
          net1 virtio=ma:ca:dd:re:ss:01,bridge=vmbr1

          vmbr0 was the WAN to the previous internet cable provider.
          vmbr1 is the LAN interface.

          I pinged 1.1.1.1 and the packet capture output is:

          00:08:09.210929 IP 0.0.0.0.68 > 255.255.255.255.67: UDP, length 300
00:08:09.210933 IP 0.0.0.0.68 > 255.255.255.255.67: UDP, length 300
00:08:09.210937 IP 0.0.0.0.68 > 255.255.255.255.67: UDP, length 300
00:08:14.260926 IP 0.0.0.0.68 > 255.255.255.255.67: UDP, length 300
00:08:19.310932 IP 0.0.0.0.68 > 255.255.255.255.67: UDP, length 300
00:08:24.390930 IP 0.0.0.0.68 > 255.255.255.255.67: UDP, length 300
00:08:34.042525 IP 0.0.0.0.68 > 255.255.255.255.67: UDP, length 300
          1 Reply Last reply Reply Quote 0
          • E
            eiger3970 @Gertjan
            last edited by eiger3970

            @Gertjan Yes, however I'm wondering if it is easier to have the hypervisor be the WAN (instead of a USB passthrough to the vm pfSense router).
            Just a bit confused on the whole setup.

            The phone USB internet works fine on other computers.

            1 Reply Last reply Reply Quote 0
            • stephenw10S
              stephenw10 Netgate Administrator
              last edited by

              You probably need to toggle the hotspot again if it has no IP address. That last pcap just shows no response to pfSense's DHCP requests. Interesting that it's also failing to pull an IP on the main WAN though. Makes me wonder of this is something the hypervisor is doing. Can you test it bare metal on anything?

              Steve

              1 Reply Last reply Reply Quote 1
              • E
                eiger3970
                last edited by eiger3970

                I toggled the phone by opening the welcome screen > Settings > Mobile > Hotspot > turned off and on > selected USB only > phone indicates it is connected to hotspot.

                pfSense then shows the Dashboard Interfaces with WAN2 IP 172.20.10.2, which is the phone.
                However no traffic?

                12:12:48.093151 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from 42:63:7c:e4:6c:e3 (oui Unknown), length 300
12:13:07.432580 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from 42:63:7c:e4:6c:e3 (oui Unknown), length 300
12:13:08.440452 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from 42:63:7c:e4:6c:e3 (oui Unknown), length 300
12:13:09.493191 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from 42:63:7c:e4:6c:e3 (oui Unknown), length 300
12:13:11.566071 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from 42:63:7c:e4:6c:e3 (oui Unknown), length 300
12:13:15.443262 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from 42:63:7c:e4:6c:e3 (oui Unknown), length 300
12:13:22.000205 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from 42:63:7c:e4:6c:e3 (oui Unknown), length 300
12:13:31.193173 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from 42:63:7c:e4:6c:e3 (oui Unknown), length 300
^C
76 packets captured
76 packets received by filter
0 packets dropped by kernel

                Bit confused, as plugging into this computer I'm posting from, Internet via phone USB works.

                1 Reply Last reply Reply Quote 0
                • E
                  eiger3970
                  last edited by eiger3970

                  I rebooted pfSense.

                  WAN2 interface shows as n/a.

                  Opened iPhone > mobile data and hotspot on (but not connected) > had to select Trust. Turned hotspot off, then on, then selected USB only (not wifi).

                  pfSense > shell > ifconfig shows interface ue0.
                  pfSense > shell > /boot/loader.conf.local has same code:
                  kern.cam.boot_delay=10000
                  kern.ipc.nmbclusters=”1000000”
                  kern.ipc.nmbjumbop=”524288”
                  kern.ipc.nmbjumbo9=”524288”
                  if_ipheth_load=”YES”
                  hw.usb.quirk.0=”0x05ac 0x12a8 0 0xffff UQ_CFG_INDEX_3”
                  autoboot_delay=”3”

                  pfSense > shell > netstat -r > ue0 is an Internet6 gateway.

                  pfSense Dashboard Interfaces still shows:
                  WAN, green arrow up, 10Gbase-T <full-duplex>, 0.0.0.0
                  LAN, green arrow up, 10Gbase-T <full-duplex>< 192.168.1.170
                  WAN2, green arrow up, blank, n/a.

                  1 Reply Last reply Reply Quote 0
                  • stephenw10S
                    stephenw10 Netgate Administrator
                    last edited by

                    What was that pcap filtered by? At some point it must have seen a reply if it got an IP address (172.20.10.2).

                    The fact we have only ever seen traffic within that subnet seems to imply there is no route via 172.20.10.1 or at least it's not the default route so you would have to deliberately send traffic that way to see it in a pcap. Sourcing from 172.20.10.2 should do that though.

                    Steve

                    1 Reply Last reply Reply Quote 1
                    • E
                      eiger3970
                      last edited by eiger3970

                      pfSense > Dashboard > Interfaces > WAN2 has no IP, just n/a:
                      alt text
                      The packet captures are outputting nothing?

                      ifconfig shows the ue0 interaces, so the USB interface is there.
                      The configuration files for USB interface seem to also have saved and been applied.

                      pfSense > System > Routing > Gateways:
                      alt text

                      I just disabled the WAN interfaces, to help things along.
                      Now only LAN and WAN2 are enabled, however same issue.

                      The Default gateway was Automatic (must have changed after a reboot), so I set WAN2_DHCP as Default gateway IPv4 and Automatic for Default gateway IPv6 (the only options are Automatic, WAN_DHCP6 and None).

                      I reset the phone network settings.
                      Rebooted pfSense.
                      Same issue.
                      I think the hotspot's password may need to be entered into pfSense somewhere, however with no GUI that prompt's for the phone's hotspot's password, I'm not sure how to proceed?

                      Okay, released and renewed WAN2 DHCP and WAN2 has IP 172.20.10.2. No traffic however.

                      1 Reply Last reply Reply Quote 0
                      • E
                        eiger3970
                        last edited by

                        Oh, the internet is working.
                        Seems very slow.
                        I hope the internet is only for the VM router and hypervisor and not this local computer, where I stream videos.
                        I will need to only allow certain devices on the router for internet, due to low need and a low internet plan.

                        The hypervisor has a very slow connection with a ping of 4000 ms.

                        Looks like I can progress to the network configuration.
                        Case closed and thanks.

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.