PPPoE over VLAN, pfSense doesnt see network

trumee · Mar 24, 2020, 7:51 AM

Hello,

I have an Huawei HG8145V5 ONT router which is setup in bridge mode. The ISP requires that internet be accessed using VLAN 100, so I had VLAN100 untagged on the Huawei router like so and it works fine,

The ISP has two VLANs, VLAN 100 for Internet and VLAN 660 for voice. My intention is to untag these VLANs on pfSense rather than the Huawei router.

I tried the following steps but it did not work out.

Disable VLAN Untagging on the Huawei router
Setup a VLAN 100 on pfSense
Enable PPPoE on this Unatgged interface

Finally setup a WAN for this PPPOE interface in Interfaces/Interface Assignments

PPP log doesnt show anything useful

I tried to do a packet capture on igb6.100 using diagnostic tools, but it came out empty. Doing a packet capture on the parent interface showed this,

10:31:38.381924 PPPoE PADI [Host-Uniq 0x40CB210001F8FFFF] [Service-Name "Airtel"]
10:31:40.381679 PPPoE PADI [Host-Uniq 0x40CB210001F8FFFF] [Service-Name "Airtel"]

I dont understand why the parent interface (igb6) is showing these requests rather igb6.100.

Any idea what could be the issue?

stephenw10 · Mar 24, 2020, 12:19 PM

A pcap on the parent interface will still show the tagged VLAN packets on it. A pcap on the VLAN will show only the packets in the VLAN.
If you set the view to 'full' you should see the VLAN tags. You can confirm it's on the correct VLAN.

You are using the term 'untag' here but I think you mean 'tag'. The traffic has to reach the ISP tagged on VLAN 100.

Why are you moving the tagging? That would usually be done in the modem in this situation. Does the modem accept tagged packets and pass them tagged even?

Steve

trumee · Mar 24, 2020, 12:54 PM

@stephenw10 said in PPPoE over VLAN, pfSense doesnt see network:

Why are you moving the tagging? That would usually be done in the modem in this situation.

Right, at the moment the modem is indeed accepting tagged traffic and untagging it. The reason I wanted to move that job to pfSense was primarily the voice traffic. At the moment the inbuilt sip client in the modem receives the traffic and passes it to the analog phone connected to the modem. Instead, I want to use my FreeSWITCH server to act as a sip client.

@stephenw10 said in PPPoE over VLAN, pfSense doesnt see network:

Does the modem accept tagged packets and pass them tagged even?

I was hoping that it would do that. This is something i dont know.

stephenw10 · Mar 24, 2020, 1:33 PM

Hmm, I mean modems will usually accept that but they may not. Especially since they appears to have a built in switch and access point so mught be using VLANs internally.

Can you not bind the SIP traffic to a separate port maybe instead? Or just configure the modem to pass VLAN 660 tagged?

You're probably going to need someone familiar with the capabilities of that particular modem/router rather than pfSense.

Steve

trumee · Mar 24, 2020, 5:22 PM

@stephenw10 said in PPPoE over VLAN, pfSense doesnt see network:

Can you not bind the SIP traffic to a separate port maybe instead?

This is certainly an option. However, I will need to run another cable between the modem and pfSense router. This will waste a precious NIC on the pfSense router, which i was trying to avoid.

@stephenw10 said in PPPoE over VLAN, pfSense doesnt see network:

Or just configure the modem to pass VLAN 660 tagged?

This is exactly what i am trying to do, hence this post. The screenshots above are for VLAN100 but the same idea applies to VLAN 660.

I dont think this modem passes VLAN 660 as tagged.

stephenw10 · Mar 24, 2020, 7:34 PM

Hmm, well I imagine it's possible but I'd have to be a lot more familiar with that modem/router.

Certainly pfSense has no problem doing that.

Steve