Pfsense connect with DSL modem wifi router problem need help.

stardreamer77

hi, sorry i am not a network expert, if i am asking the silly question, please forgive me, and english also not my first language so sorry for my poor english.
i been using pfsense for 1 year without problem, my config is :
pfsense 2.4.4-RELEASE-p1 (amd64)
intel 4 port network card (only use 2 port,)
igb3 port set as WAN connect to Asus DSL-N12U B1(Wireless-N 300 ADSL Modem Router ) at port 1 using PPPoE.
igb1 port set as LAN (192.168.1.1) connect to a HP 1410-8G unmanaged switch. so i can connect to 4 other PC via Cable. DHCP range 192.168.1.100 to 192.168.1.200.

i set the ASUS DSL modem ip address to 192.168.1.5 ,disable DHCP , and internet setting to bridge mode.
the ASUS DSL modem also built in wifi, so i connect this modem to the HP switch. then all mobile phone can connect wifi to the modem and get internet access. i been using this setup around 1 year without any problem.

few days ago, this problem start . 4 PC that connect via cable to the switch some times can't access to internet. or loss internet after restart the PC. error message is something with DNS.
to fix this problem, i need to unplug the cable that connect the modem to the switch. but then i loss the wifi connection.

how to make it work? where did i set wrong? thanks.

Asamat

Can you attach system log with this "error message is something with DNS"?
Also, I think it's more appropriate to use another Wi-Fi router connected to pfSense (not your ISP modem's Wi-Fi)

stardreamer77

hi,
the "error message is something with DNS" is what i get from the 4PC that connect to switch when i open Chrome want to go online, and i get "DNS_Probe_Finished_No_Internet" on chrome page.

i suspect the problem is the "Asus DSL-N12U B1" modem, when i log in to the modem, i see this :

the 192.168.1.52 is a mobile phone connect via wifi to the modem.
192.168.1.12 is PC1 connect on the switch
192.168.1.50 is PC2 connect on the switch

i no know who is this "192.168.1.1 MAC: 28:38:82:20:76:XX"
my LAN on pfsense is igb1 192.168.1.1 MAC:00:1b:21:20:65:XX

so when now there is 2 "192.168.1.1" maybe that cause the problem for the PC on the switch some time loss the internet?

thanks.

johnpoz

First off that is not a "modem" That is a gateway modem+router in 1 box.. Its doing NAT is not?

28-3B-82 is Dlink Device..

And yeah if that is conflicting with pfsense... How is it your lan is 192.168.1.1 - what is pfsense WAN? You can not be using the same network on both wan and lan of pfsense.

How exactly do you have everything connected?

i set the ASUS DSL modem ip address to 192.168.1.5 ,disable DHCP , and internet setting to bridge mode.

Huh? So pfsense gets a public.. So your running your lan network on the same L2 as your WAN with public IP? You make no mention of vlans, nor do I believe that asus device supports them.

stardreamer77

hi
thanks for the input.
this is my connection map:

sorry, i am a networking newbie. i assume the asus modem is a "DSL +gateway+ modem+router+VLANS.

this is my interface setup:

i no know what is vlan or how to set it. but i already disable the DHCP on the Asus modem router. maybe it's not enough?

thanks.

stardreamer77

@johnpoz said in Pfsense connect with DSL modem wifi router problem need help.:

First off that is not a "modem" That is a gateway modem+router in 1 box.. Its doing NAT is not?
form the asus product page :
Built-in NAT and SPI firewall
Port, IP packet, URL, MAC filter

i did disable the SPI firewall in it.

28-3B-82 is Dlink Device..

And yeah if that is conflicting with pfsense... How is it your lan is 192.168.1.1 - what is pfsense WAN? You can not be using the same network on both wan and lan of pfsense.

How exactly do you have everything connected?

i set the ASUS DSL modem ip address to 192.168.1.5 ,disable DHCP , and internet setting to bridge mode.

Huh? So pfsense gets a public.. So your running your lan network on the same L2 as your WAN with public IP? You make no mention of vlans, nor do I believe that asus device supports them.

i was using the setup for a year without any problem, but now i recall i reset the Asus DSL modem gateway router cause some mobile can't connect to the wifi AP that inside this asus modem router.
after the reset, i same log in tothe Asus modem router , Disable DHCP and firewall, set ip as 192.168.1.5, setup wireless SSID, password. and restart the Asus modem wifi router.
but after this , i get a lot of new DHCP request in pfsense , all from neighbor's mobile phone.
and the Dlink Device i mention above 28-3B-82, maybe is my neighbor's wifi AP modem router. because it's a Dlink DSL wifi modem router all in one box like my ASUS modem.
Why my Asus modem router give neighbor's wifi AP the 192.168.1.1 ip address? i already disable the DHCP server inside.
sorry. i am really a noob on this .

thanks.

johnpoz

The only way some remote device could be connecting is via wifi.. Do you not have security setup on it, did you share this info with your neighbor.. Is it just the default SSID without security or default PSK? etc..

Yeah that config looks like a LOOP to me..

If you want to use your device as your "modem" then it should ONLY be connected to your WAN... its wifi should be turned off - get another AP for your wireless connectivity...

stardreamer77

thanks.
i have security WPA2 PSK on the wifi setting, and new SSID also Hide SSID. and no, i didn't share wifi info with neighbor.

because i don't have a difference AP on hand, and since the Asus have the "modem" i need, and also "wifi AP" i need, so i just try my luck to male it work.
so if that look like a LOOP, can fix it?

thanks for the help.

johnpoz

@stardreamer77 said in Pfsense connect with DSL modem wifi router problem need help.:

also Hide SSID

Completely Utterly POINTLESS!!! Do not do that!

Make your SSID UNIQUE, and use a good PSK!!

edit: As to can you fix it? Many of these devices allow for say port one to be in bridge mode, and provide no nat and public IP to the device connected to it.. While the other ports are behind NAT..

I do not know the particulars of your pppoe setup, nor what that device does or does not do for isolation of layer 2 when it its setup how you have it setup..

I would really suggest is just get another AP or wireless router to use as just AP so you can be sure your wan and lan or isolated at layer 2 physically..

stardreamer77

ok. thank you very much.

stephenw10

Yes, it looks to me like your Asus router has started handing out DHCP leases in conflict with pfSense. Make sure it is running the same settings it was previosuly.

But, yes, it would be far better to use separate devices as the DSL modem and wifi access point. You're relying on PPPoE to separate WAN from LAN there.

Steve