Another rookie pfSense & FiOS setup question



  • Hello all. I have Verizon FiOS for internet and cable. I would like to have pfsense tackle everything except for the STB's and DVR. I have a Unifi 8 port switch (with PoE) and a Unifi Nano HD AP and those two tackle most of my connections. I have a couple still connected to the Fios router but the primary things are through the switch.

    What would be the best course of action?

    Also should state that this is more for testing purposes with inexpensive equipment than anything at the moment. Eventually I would like to build something capable of 10gbps to fully utilize the capabilities of my custom NAS.

    Thanks in advanced all!



  • bump



  • So, are you just looking for a "how to get started" kind of response from us?

    If so, here's a page from pfsense:
    https://www.pfsense.org/getting-started/

    And a good video on building something yourself, but not with a 10gbps card:
    video link

    Hope that helps...

    Jeff





  • I have Verizon FIOS as well, but I'm not quite sure I understand what you're question is / what you are trying to do. Are you just trying to setup a double router / double NAT setup with pfSense at the edge (i.e. Verizon ONT connected to pfSense WAN interface) and then the Verizon router on the LAN side handling MoCA for STB's and the DVR? Or did I misunderstand your post and it's something else?



  • @tman222 said in Another rookie PFSENSE & FiOS setup question:

    I have Verizon FIOS as well, but I'm not quite sure I understand what you're question is / what you are trying to do. Are you just trying to setup a double router / double NAT setup with pfSense at the edge (i.e. Verizon ONT connected to pfSense WAN interface) and then the Verizon router on the LAN side handling MoCA for STB's and the DVR? Or did I misunderstand your post and it's something else?

    Yes thats more what I am looking to do. Id like to get rid of the fios router all together but im not sure what would be needed to do so to maintain the same level of functionality. For testing purposes I would prefer to double NAT double router and get an understanding.

    Edit: I dont have coax coming from the ONT, I made them run and enable cat5 when I first had it installed. Not sure if this information helps.



  • @Architect_401 said in Another rookie PFSENSE & FiOS setup question:

    @tman222 said in Another rookie PFSENSE & FiOS setup question:

    I have Verizon FIOS as well, but I'm not quite sure I understand what you're question is / what you are trying to do. Are you just trying to setup a double router / double NAT setup with pfSense at the edge (i.e. Verizon ONT connected to pfSense WAN interface) and then the Verizon router on the LAN side handling MoCA for STB's and the DVR? Or did I misunderstand your post and it's something else?

    Yes thats more what I am looking to do. Id like to get rid of the fios router all together but im not sure what would be needed to do so to maintain the same level of functionality. For testing purposes I would prefer to double NAT double router and get an understanding.

    Edit: I dont have coax coming from the ONT, I made them run and enable cat5 when I first had it installed. Not sure if this information helps.

    Hi @Architect_401 - ok, in that case you can keep the Verizon router on the LAN side though maybe put it on its own subnet / VLAN. Also check out this link for a wealth of information on how to set things up and for examples of different types of router / multi-router configurations when using FIOS:

    https://www.dslreports.com/faq/verizonfios

    Finally, you don't necessarily need to keep the Verizon router to maintain functionality to the STB's - you can just buy a MoCA bridge for that instead (which will also forego the need to double NAT on your network).

    Hope this helps.



  • @tman222 said in Another rookie PFSENSE & FiOS setup question:

    @Architect_401 said in Another rookie PFSENSE & FiOS setup question:

    @tman222 said in Another rookie PFSENSE & FiOS setup question:

    I have Verizon FIOS as well, but I'm not quite sure I understand what you're question is / what you are trying to do. Are you just trying to setup a double router / double NAT setup with pfSense at the edge (i.e. Verizon ONT connected to pfSense WAN interface) and then the Verizon router on the LAN side handling MoCA for STB's and the DVR? Or did I misunderstand your post and it's something else?

    Yes thats more what I am looking to do. Id like to get rid of the fios router all together but im not sure what would be needed to do so to maintain the same level of functionality. For testing purposes I would prefer to double NAT double router and get an understanding.

    Edit: I dont have coax coming from the ONT, I made them run and enable cat5 when I first had it installed. Not sure if this information helps.

    Hi @Architect_401 - ok, in that case you can keep the Verizon router on the LAN side though maybe put it on its own subnet / VLAN. Also check out this link for a wealth of information on how to set things up and for examples of different types of router / multi-router configurations when using FIOS:

    https://www.dslreports.com/faq/verizonfios

    Finally, you don't necessarily need to keep the Verizon router to maintain functionality to the STB's - you can just buy a MoCA bridge for that instead (which will also forego the need to double NAT on your network).

    Hope this helps.

    So I know its been a while but I have started to follow the walkthrough that was listed. We are planning on removing TV service when the contract is up and going with internet only. Is there anything I need to do/keep/buy in order to have only my PFsense router with no Fios router? Goal is to be standalone with pfsense router and unifi switches and AP's



  • @Architect_401 said in Another rookie PFSENSE & FiOS setup question:

    @tman222 said in Another rookie PFSENSE & FiOS setup question:

    @Architect_401 said in Another rookie PFSENSE & FiOS setup question:

    @tman222 said in Another rookie PFSENSE & FiOS setup question:

    I have Verizon FIOS as well, but I'm not quite sure I understand what you're question is / what you are trying to do. Are you just trying to setup a double router / double NAT setup with pfSense at the edge (i.e. Verizon ONT connected to pfSense WAN interface) and then the Verizon router on the LAN side handling MoCA for STB's and the DVR? Or did I misunderstand your post and it's something else?

    Yes thats more what I am looking to do. Id like to get rid of the fios router all together but im not sure what would be needed to do so to maintain the same level of functionality. For testing purposes I would prefer to double NAT double router and get an understanding.

    Edit: I dont have coax coming from the ONT, I made them run and enable cat5 when I first had it installed. Not sure if this information helps.

    Hi @Architect_401 - ok, in that case you can keep the Verizon router on the LAN side though maybe put it on its own subnet / VLAN. Also check out this link for a wealth of information on how to set things up and for examples of different types of router / multi-router configurations when using FIOS:

    https://www.dslreports.com/faq/verizonfios

    Finally, you don't necessarily need to keep the Verizon router to maintain functionality to the STB's - you can just buy a MoCA bridge for that instead (which will also forego the need to double NAT on your network).

    Hope this helps.

    So I know its been a while but I have started to follow the walkthrough that was listed. We are planning on removing TV service when the contract is up and going with internet only. Is there anything I need to do/keep/buy in order to have only my PFsense router with no Fios router? Goal is to be standalone with pfsense router and unifi switches and AP's

    If you're just going to be using internet service only, you should be fine using only your pfSense router. Just plug the ethernet cable from the ONT into your router's WAN interface just like you would if you were using the Verizon supplied router. The pfSense router will receive an external IP address from Verizon via DHCP and you should then be good to go after that.

    The setup becomes a bit more involved (and potentially complex) if you are also using STB's for TV service since these communicate over coax (MoCA). One can still get around using the Verizon supplied router in such a scenario by using a MoCA bridge instead (i.e. a bridge between ethernet and coax), but the Verizon router may still be needed at least initially for STB activation.

    Hope this helps.



  • @tman222 That helps big time. Now all I have to do is learn how to configure this router to do what I want. For now I am going to try to put it in front of the Verizon router and have that in a DMZ to service the STB's while the pfsense router (lenovo m73 with 4 port intel nic) handles everything else.

    Would it be a wise starting point to grab the settings and rules from the fios router as a starting point? Trying to limit any downtime as the wife can't be offline for any real length of time because of school.



  • @Architect_401 ,

    This is kind-of-sort-of a pfSense thread, but it's at least as much a "Verizon/FiOS" thread. Concerning how best to work around / bypass consumer-grade home router-gateways provided by the likes of Verizon, Comcast, AT&T, etc., a very good starting point is to read carefully through the appropriate vendor-specific forum at http://www.dslreports.com.

    I don't know the specifics for Verizon's set up as I am using an AT&T fiber service, but I do know that the work-arounds I needed to make with the AT&T router-gateway are non-standard as far as pfSense goes. They required the installation of additional custom software and/or scripts on my pfSense box, not supported by Netgate and not a common topic in the Netgate forums. The home-internet enthusiasts over at DSLreports tend to be very current on if/how it's possible to do this for many major internet providers.



  • @johnsonmagnus Thanks man. Just registered over there. Browsed it a few times in the past. Likely going to have some questions as I go through all this.



  • @Architect_401 If you get it all squared away in a useful, reliable fashion (i.e. not having to do kludgey things like temporarily plugging in the Verizon-provided home gateway device in order to re-authenticate to Verizon's network every time there's a power outage or hard reset,) maybe document the process & results on DSLreports and then link it in this thread? Might help out others who will probably have the same question in coming years.





  • I don't have FiOS TV, which apparently can be a major issue if you do, since some of their newer TV hardware REQUIRES the use of a FiOS router to retain full functionality of the boxes.

    But without the TV piece, I just have my pfSense box connected to the Ethernet connection on my ONT. I didn't have to do anything fancy for it to work (WAN is set to DHCP), and have no issues getting nearly full speed out of my Gigabit connection. IPv6 is not yet available unless you're in one of the four (possibly five) areas that seem to be in their testing for it.

    DSLReports is great for provider-specific setup questions.


Log in to reply