Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PPPoE Server (Connecting over Unifi Mesh Points)

    Scheduled Pinned Locked Moved General pfSense Questions
    2 Posts 1 Posters 475 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • The Computer GuyT
      The Computer Guy
      last edited by

      I'm looking at using pfSense as a PPPoE server, and looking at connecting clients using UniFi Mesh Points.

      Unfortunately, it is not yet possible to set a management VLAN on Unifi Mesh Points, so I was thinking of setting the network up in the following way -

      Private LAN 192.168.1.x

      Mesh Points 192.168.2.x

      I would run a Cloud Key on the private LAN, which has access to the internet for the Updates etc. The Mesh points I would connect to the second LAN, which has a rule to allow traffic from port 8080 (Inform port) through to the cloud key as the only rule.

      PPPoE server would be set to run on the Mesh Points LAN.

      That would mean I would still have management of the Mesh Units via the Cloud Key, but if a client was to disconnect their PPPoE router from the mesh point and plug a laptop directly into the Mesh point, as the Mesh Points network doesn't have internet access, they won't be able to circumnavigate the PPPoE requirements.

      Would this setup work?

      1 Reply Last reply Reply Quote 1
      • The Computer GuyT
        The Computer Guy
        last edited by

        If anyone is interested (Or Searches for this in the future….)

        Yes, it works. However, a few things I noted.

        1. I couldn't get the PPPoE Server on pfSense to work as a VLAN interface. Instead, I had to set my management LAN to be a VLAN interface, and set the PPPoE Server as the untagged interface.

        2. When you plug the router into the Mesh point, the Mesh point first sees if it can use the LAN to connect back to the controller, so will actually drop off the network temporarily. (So don't expect your router to make the PPPoE connection instantly)

        3. When testing... use the aerials on the mesh points! I had them running without the aerials to begin with, and throughput was next to non existent!

        So my setup is as follows -

        System Lan - VLAN on Interface 1 (CloudKey lives here)
        Mesh Lan - Untagged on Interface 1 (TCP Port 8080 - Inform & UDP Port 3478 - STUN open to CloudKey IP - No other rules. I.E. No internet access)

        PPPoE set to run on the Mesh Lan.

        With the later firmware(s) running on the CloudKey, you can cache firmware updates to the CloudKey, so the Mesh points don't need to see the internet directly.

        Ad

        1 Reply Last reply Reply Quote 1
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.