Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Change VLAN's on a schedule / cronjob?

    General pfSense Questions
    2
    3
    333
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      belt9 last edited by

      I don't currently have access to my pfSense network so couldn't mess around with it on my own yet.

      I was wondering if I could reassign VLAN's on a schedule or with a cron job?

      I'll be getting AT&T FTTP installed soon and apparently their gateway sucks, doesn't support true bridged mode, and is required.  ::)

      The best workaround I've found online is simple but not clean.

      Basically you connect the ONT to the ATT Gateway via VLAN's, let the ONT authenticate the gateway then swap VLANs with the gateway and pfSense so that pfSense is now on the VLAN with the ONT and the gateway is not. Apparently this works just fine.

      The downside is that it apparently re-authenticates every 14 weeks requiring you to swap it back into the network.
      The upside of the downside is that this re-authentication apparently works like clockwork down to the second.

      My thought was to try doing the VLAN switching on pfSense and use cron to automate that so I can just put it all in a closet and walk away.
      Will this work?

      If not I've seen some documentation about gaining root access on my switch via telnet (Zyxel GS1900) so maybe I can schedule it there?

      Apparently there is a linux eap_proxy workaround as well, but nothing for FreeBSD.

      1 Reply Last reply Reply Quote 0
      • luckman212
        luckman212 LAYER 8 last edited by

        That's an interesting idea but sounds utterly disastrous if something goes wrong and you're not there to fix it. I wouldn't really trust a script to go switching interfaces/VLANs that could bring down my network.  Verizon FIOS has similar issues when you don't use their crappy equipment… some have suggested putting a switch in between the ONT and pfSense and then cloning the MAC address of the ISP gateway so they will basically both get to talk to the ONT ... Llink to a big thread on that setup is below. It's hacky as well but it might be an option if you really need this, and doesn't require any scheduled script.
        https://forum.pfsense.org/index.php?topic=114389.msg635823#msg635823

        1 Reply Last reply Reply Quote 0
        • B
          belt9 last edited by

          yeah, that is the process i was trying to automate on my switch.

          Apparently some have had success with simply setting pfSense WAN to DHCP and then you don't have to run through the process every 14 days.

          Honestly though, I agree. All of the options sound really hacky and reliable.

          Everything goes out the window if the connection resets for any reason and I'm not home to fix it.

          If I don't hear of something more reliable I'll probably just run the gateway in their crappy pseudo-bridge mode.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post