pfsense with Spectrum Internet



  • I'm trying to get the get the pfsense working with Spectrum Internet. If I connect the modem directly to my PC, I get a IPv4 & IPv6 address. However, if I connect it through a managed switch that is configured for Port Access (as oppose to Trunk), I am no longer able to get a WAN IP address in pfSense.

    For anyone who has Spectrum for the Internet, would you please share how is the pfSense and the switch configuration is set so that pfsense is able to successfully pull IPv4/6 address?

    Thanks!

    -r



  • Need more info on what you're trying to do. I've been running PFsense with Spectrum for 10 years... never had an issue with it grabbing an IP from the modem.



  • @marvosa I didn't think there was much to it (I.e.: pulling an IP from the modem for timewarner /spectrum). For Google fiber I had to configure the switch with VLAN/2, for example. So, I just wanted to make sure that there was no VLAN configuration I needed to setup.



  • I was looking for more insight into your design. Why are you going into a switch first instead of directly into PFsense?


  • Netgate Administrator

    Yeah the switch seems the most suspect part there.

    Also not clear if the PC that is able to get a WAN IP is pfSense. If it isn't can that same client get an IP through the switch? Or can pfSense get an IP when connected directly?

    Steve



  • @rsaanon

    You're rebooting the modem between changes right?



  • @marvosa The overall architecture consists of ISP->Switch->Server running vSphere->vSwitch. So, from the ISP into the switch port is configured as a Trunk. Connection coming out of the switch (configured as Trunk also) goes into the Ethernet port of the server running vSphere. This physical ethernet port (vmnic0) is configured as the Uplink port of a distributed switch. Finally, a non-vlan Port Group is created which then is fed in to the VM running pfSense. Similar setup works fine for Google Fiber, but not for the Spectrum.



  • @marvosa btw, thanks for your response.


  • Netgate Administrator

    Not really seeing any reference to a VLAN requirement for Spectrum from some brief searching. What VLAN are you using currently there?

    Steve



  • @stephenw10 said in pfsense with Spectrum Internet:

    Not really seeing any reference to a VLAN requirement for Spectrum from some brief searching. What VLAN are you using currently there?

    Steve

    There are none. My Spectrum customers all work fine out of the box.



  • @stephenw10 @marvosa @chpalmer

    Apologies for the belated response. Here's an update:

    To keep things simple, I decided to bypass the switch; in other words, now the modem directly connects to a physical NIC of a server that's running VMWare vSphere 6.5. That physical NIC is associated with a vSwitch inside of vSphere. I created a Port Group for that switch with VLAN ID set to 0 (ie: no vlan). I still am not able to pull an IP from my ISP. Here's the setup:

    Timewarner/Spectrum ISP Modem -> vSphere Server w/ vSwitch tied to the physical NIC (vmnic16) (as depicted below):

    c24fd451-2505-4968-8403-e8b8e270c896-image.png

    I'm perplexed that something this straight-forward is not working.

    -r


  • Netgate Administrator

    You rebooted the modem after changing to that?

    Are you able to test a bare metal install to be sure it's not something in the hypervisor?

    Steve



  • One possibility is the ISP modem "learned" the first MAC address it saw (like maybe your PC), assigned an IP based on that MAC and now won't honor any other MAC by assigning an IP. Frequently, if this is the case, rebooting the modem will fix it as the modem will then learn the new MAC attached to it (the ESXi MAC). However, your particular ISP may have chosen to lock the MAC tighter and you may have to work through their tech support to get it unlocked (not likely, though, as this would be a big headache for them when someone simply purchased a new PC).



  • @stephenw10 Yes, I had rebooted the modem. I don’t think the issue is with the hypervisor as I have full LAN & WAN (from a different ISP) connectivity. Thanks!



  • @bmeeks That's a good thought, but I had done a couple of things to ensure that ISP was not coupling the MAC address of the PC to the connection where the ISP DHCP server will not serve out IP to a different MAC:

    • I rebooted the modem and waited an hour to ensure that ISP DHCP lease is released back to the DHCP pool
    • I spoofed the MAC address of my PC inside of the hypervisor/ESXi

    Based on the above two steps, I doubt that the issue is related to "learned" MAC address. Thoughts?

    Thanks!



  • @rsaanon said in pfsense with Spectrum Internet:

    @bmeeks That's a good thought, but I had done a couple of things to ensure that ISP was not coupling the MAC address of the PC to the connection where the ISP DHCP server will not serve out IP to a different MAC:

    • I rebooted the modem and waited an hour to ensure that ISP DHCP lease is released back to the DHCP pool
    • I spoofed the MAC address of my PC inside of the hypervisor/ESXi

    Based on the above two steps, I doubt that the issue is related to "learned" MAC address. Thoughts?

    Thanks!

    I agree if you spoofed the PC's MAC address and rebooted the cable modem, that should have addressed any "learned MAC" issues.


Log in to reply