iPhone Tethering to pfSense
-
That's a partial ntp discussion, loading the list with peers from the default "0.pfsense.pool.ntp.org" pool.
Edit: wait ... you are really using an iPhone, the 'USB cable', as a networked WAN device? Interesting.
-
Looks like it's querying DNS on the phone. We've yet to see anything other than the phone's local IP as the destination.
Does pfSense still have some other gateway it's using?
You can specify that gateway if you go to Diag > Ping, say, and ping something external. You should see that in a packet capture.
Steve
-
VM pfSense Interfaces are:
WAN (the old Ethernet connection via the hypervisor), currently showing IP address 0.0.0.0.
LAN (the current and working local area network), currently showing IP address 192.168.1.170.
WAN2 (the USB passthrough from the hypervisor to VM pfSense), currently showing IP address 0.0.0.0.
The hypervisor has the VM pfSense Hardware with a network device configured as:
net0 virtio=ma:ca:dd:re:ss:00,bridge=vmbr0
net1 virtio=ma:ca:dd:re:ss:01,bridge=vmbr1
vmbr0 was the WAN to the previous internet cable provider.
vmbr1 is the LAN interface.
I pinged 1.1.1.1 and the packet capture output is:
00:08:09.210929 IP 0.0.0.0.68 > 255.255.255.255.67: UDP, length 300
00:08:09.210933 IP 0.0.0.0.68 > 255.255.255.255.67: UDP, length 300
00:08:09.210937 IP 0.0.0.0.68 > 255.255.255.255.67: UDP, length 300
00:08:14.260926 IP 0.0.0.0.68 > 255.255.255.255.67: UDP, length 300
00:08:19.310932 IP 0.0.0.0.68 > 255.255.255.255.67: UDP, length 300
00:08:24.390930 IP 0.0.0.0.68 > 255.255.255.255.67: UDP, length 300
00:08:34.042525 IP 0.0.0.0.68 > 255.255.255.255.67: UDP, length 300
-
@Gertjan Yes, however I'm wondering if it is easier to have the hypervisor be the WAN (instead of a USB passthrough to the vm pfSense router).
Just a bit confused on the whole setup.
The phone USB internet works fine on other computers.
-
You probably need to toggle the hotspot again if it has no IP address. That last pcap just shows no response to pfSense's DHCP requests. Interesting that it's also failing to pull an IP on the main WAN though. Makes me wonder if this is something the hypervisor is doing. Can you test it bare metal on anything?
Steve
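The check described in the reply above (DHCP requests leaving the interface with nothing coming back) can be run mechanically over tcpdump's text output. This is an added example, not part of the original posts; the function name `dhcp_summary` and the second sample capture are constructed for illustration.

```python
import re
from datetime import datetime

# tcpdump one-line IPv4 summary; ports may be numeric (68/67) or named.
LINE = re.compile(
    r"^(?P<ts>\d\d:\d\d:\d\d\.\d+) IP "
    r"(?P<src>\d+\.\d+\.\d+\.\d+)\.(?P<sport>\w+) > "
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)\.(?P<dport>\w+):"
)
CLIENT, SERVER = {"68", "bootpc"}, {"67", "bootps"}

def dhcp_summary(text):
    """Count DHCP client requests and server replies in tcpdump text output."""
    requests, replies, servers = [], 0, set()
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # "^C", packet counters, non-IPv4 lines
        if m["sport"] in CLIENT and m["dport"] in SERVER:
            requests.append(datetime.strptime(m["ts"], "%H:%M:%S.%f"))
        elif m["sport"] in SERVER and m["dport"] in CLIENT:
            replies += 1
            servers.add(m["src"])
    # Whole-second gaps between retries; modulo copes with a midnight wrap.
    gaps = [round((b - a).total_seconds() % 86400)
            for a, b in zip(requests, requests[1:])]
    return {"requests": len(requests), "replies": replies,
            "servers": sorted(servers), "retry_gaps_s": gaps,
            "unanswered": bool(requests) and replies == 0}

# Lines copied from the capture posted earlier in the thread (WAN2, no lease).
THREAD_CAPTURE = """\
00:08:09.210937 IP 0.0.0.0.68 > 255.255.255.255.67: UDP, length 300
00:08:14.260926 IP 0.0.0.0.68 > 255.255.255.255.67: UDP, length 300
00:08:19.310932 IP 0.0.0.0.68 > 255.255.255.255.67: UDP, length 300
00:08:24.390930 IP 0.0.0.0.68 > 255.255.255.255.67: UDP, length 300
"""

# Constructed sample of a working exchange; addresses match the thread's subnet.
CONSTRUCTED_OK = """\
12:00:01.000000 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from 02:00:00:00:00:01 (oui Unknown), length 300
12:00:01.050000 IP 172.20.10.1.bootps > 172.20.10.2.bootpc: BOOTP/DHCP, Reply, length 300
"""

if __name__ == "__main__":
    print(dhcp_summary(THREAD_CAPTURE))
    print(dhcp_summary(CONSTRUCTED_OK))
```

A result with `unanswered` set means the capture contains only client broadcasts, which points at the link or the DHCP server side rather than at routing or firewall rules.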
-
I toggled the phone by opening the welcome screen > Settings > Mobile > Hotspot > turned off and on > selected USB only > phone indicates it is connected to hotspot.
pfSense then shows the Dashboard Interfaces with WAN2 IP 172.20.10.2, which is the phone.
However no traffic?
12:12:48.093151 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from 42:63:7c:e4:6c:e3 (oui Unknown), length 300
12:13:07.432580 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from 42:63:7c:e4:6c:e3 (oui Unknown), length 300
12:13:08.440452 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from 42:63:7c:e4:6c:e3 (oui Unknown), length 300
12:13:09.493191 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from 42:63:7c:e4:6c:e3 (oui Unknown), length 300
12:13:11.566071 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from 42:63:7c:e4:6c:e3 (oui Unknown), length 300
12:13:15.443262 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from 42:63:7c:e4:6c:e3 (oui Unknown), length 300
12:13:22.000205 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from 42:63:7c:e4:6c:e3 (oui Unknown), length 300
12:13:31.193173 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from 42:63:7c:e4:6c:e3 (oui Unknown), length 300
^C
76 packets captured
76 packets received by filter
0 packets dropped by kernel
Bit confused, as plugging into this computer I'm posting from, Internet via phone USB works.
-
I rebooted pfSense.
WAN2 interface shows as n/a.
Opened iPhone > mobile data and hotspot on (but not connected) > had to select Trust. Turned hotspot off, then on, then selected USB only (not wifi).
pfSense > shell > ifconfig shows interface ue0.
pfSense > shell > /boot/loader.conf.local has same code:
kern.cam.boot_delay=10000
kern.ipc.nmbclusters="1000000"
kern.ipc.nmbjumbop="524288"
kern.ipc.nmbjumbo9="524288"
if_ipheth_load="YES"
hw.usb.quirk.0="0x05ac 0x12a8 0 0xffff UQ_CFG_INDEX_3"
autoboot_delay="3"
pfSense > shell > netstat -r > ue0 is an Internet6 gateway.
pfSense Dashboard Interfaces still shows:
WAN, green arrow up, 10Gbase-T <full-duplex>, 0.0.0.0
LAN, green arrow up, 10Gbase-T <full-duplex>, 192.168.1.170
WAN2, green arrow up, blank, n/a.
-
What was that pcap filtered by? At some point it must have seen a reply if it got an IP address (172.20.10.2).
The fact we have only ever seen traffic within that subnet seems to imply there is no route via 172.20.10.1 or at least it's not the default route so you would have to deliberately send traffic that way to see it in a pcap. Sourcing from 172.20.10.2 should do that though.
Steve
-
pfSense > Dashboard > Interfaces > WAN2 has no IP, just n/a:
The packet captures are outputting nothing?
ifconfig shows the ue0 interfaces, so the USB interface is there.
The configuration files for USB interface seem to also have saved and been applied.
pfSense > System > Routing > Gateways:
I just disabled the WAN interfaces, to help things along.
Now only LAN and WAN2 are enabled, however same issue.
The Default gateway was Automatic (must have changed after a reboot), so I set WAN2_DHCP as Default gateway IPv4 and Automatic for Default gateway IPv6 (the only options are Automatic, WAN_DHCP6 and None).
I reset the phone network settings.
Rebooted pfSense.
Same issue.
I think the hotspot's password may need to be entered into pfSense somewhere, however with no GUI that prompts for the phone's hotspot's password, I'm not sure how to proceed?
Okay, released and renewed WAN2 DHCP and WAN2 has IP 172.20.10.2. No traffic however.
-
Oh, the internet is working.
Seems very slow.
I hope the internet is only for the VM router and hypervisor and not this local computer, where I stream videos.
I will need to only allow certain devices on the router for internet, due to low need and a low internet plan.
The hypervisor has a very slow connection with a ping of 4000 ms.
Looks like I can progress to the network configuration.
Case closed and thanks.