5. Testing feedback with EDGE router configuration

Testing feedback with EDGE router configuration

  • G

    Hello pfSense Team,

    First, thanks for a great project and product. I'm looking forward to getting it running.

    I'm a new pfSense user and I'm building an EDGE/HSxPA and 802.11x router with an ALIX2D3 board. I'm currently using a Nokia phone as the EDGE modem but plan to switch to a dedicated USB EDGE/HSDPA modem soon. Here's my issue.

    I'm using this snapshot: pfSense-2.0-ALPHA-ALPHA-20090403-2118.img

    1. When I plug in the EDGE modem (phone) pfSense successfully detects the modem and creates the /dev/ttyU0 device and /dev/cuaU0 device. I can go the the 'Interfaces -> (assign)' area of the webgui and configure my PPP setting to use the device and the proper phone # to dial, etc.  pfSense creates the interface as ppp0 according to the web gui.

    2. I can select "PPP /dev/cuaU0" for the WAN interface assignment.

    3. When I "Save" and "Apply Changes" pfSense successfully dials out and creates a connection through the modem. An 'ifconfig' command at the command line shows that a 'ppp0' interface has been created and has an IP assigned by the ISP.

    Good so far.

    However, there is a discrepancy because when I go to "Status -> Interfaces" or "Status -> Dashboard" the WAN interface is shown as "Down." I believe this is because the WAN interface is being call ppp_cuaU0 in certain parts of the config, and "ppp0" in others. See examples from config.xml and sys logs below. ( 'ppp0' is used in <ppp><pppif>and 'ppp_cuaU0' is used in <wan><if>)

    Also, DNS servers are not added to resolv.conf after the PPP connection is established, nor is the route table changed to reflect the PPP connection. I was able to enter static DNS servers and add a gateway route to the ppp0 interface manually from the command line. I could then ping out to internet hosts from the command line, but I could not get hosts on the LAN to successfully connect to internet hosts.

    I hope this helps. I would love to get this working soon. Please let me know if I can do anything else to help.

    Oh, I tried to use the "Edit File" area of the web gui to change the <wan><if>part of config.xml to say "ppp0" but it said "write failed".
    How can I make changes that get flushed back to the CF card? That might allow me to solve my problem myself. (maybe)
    And what command and config file is being used to generate the ppp connection?

    Thanks,
    GN

    Config sections and log entries . . .

    <wan><if>ppp_cuaU0</if>
    <mtu><blockpriv><blockbogons><media><mediaopt><bandwidth>100</bandwidth>
    <bandwidthtype>Mb</bandwidthtype>
    <serialport>cuaU0</serialport>
    <descr>WAN</descr>
    <enable><spoofmac><alias-address><alias-subnet>32</alias-subnet></alias-address></spoofmac></enable></mediaopt></media></blockbogons></blockpriv></mtu></wan>

    <ppps><ppp><port>/dev/cuaU0</port>
    <initstr><ap><phone>*99#</phone>
    <username><password><localip><gateway><linespeed><connect-max-attempts><descr>AIS</descr>
    <pppif>ppp0</pppif></connect-max-attempts></linespeed></gateway></localip></password></username></ap></initstr></ppp></ppps>

    Feb 9 23:47:36 php: /interfaces.php: The command '/sbin/ifconfig 'ppp_cuaU0' up' returned exit code '1', the output was 'ifconfig: interface ppp_cuaU0 does not exist'
    Feb 9 23:47:36 php: /interfaces.php: The command '/sbin/ifconfig 'ppp_cuaU0' delete down' returned exit code '1', the output was 'ifconfig: interface ppp_cuaU0 does not exist'
    Feb 9 23:47:36 php: /interfaces.php: The command '/usr/sbin/arp -d -i ppp_cuaU0 -a' returned exit code '1', the output was 'arp: interface ppp_cuaU0 does not exist'
    Feb 9 23:46:19 check_reload_status: reloading filter
    Feb 9 23:46:12 check_reload_status: reloading filter</if></wan></if></wan></pppif></ppp>

    0
  • E

    Yeah its a known issue.
    I have yet to merge the working ppp config code i wrote sponsored by a company.

    But since we are switching to FreeBSD 8 soon there i sno point in doing that since ppp does not exist anymore in there.

    Sorry but you'll have to wait till we switch the ppp to mpd.

    0
  • G

    Update for anyone that might find it useful.

    I made some progress with the same images by manually changing the config.xml file at /cf/conf/config.xml

    (First, you have to mount the /cf directory as -rw. Use the command: mount -u -w /dev/pfSenseCfg (double check the /dev path. I'm not sure its right))

    then . . .

    vi /cf/conf/config.xml

    Find the section with the <wan>label and change the <wanif>value to ppp0 instead of ppp_cuaU0. You can do this from the web interface too. I found it impossible to use vi over the serial port.

    Then, reboot and the ppp0 link should come up.

    You can also bring the ppp link up from the command line by doing a 'pppd call ppp_cuaU0' or instead of ppp_cuaU0 you should use whatever script you find in /etc/ppp/peers that doesn't end in 'chat'.

    I also modified the file (I think its /etc/int/interfaces.inc) and uncommented the line that adds "defaultroute" to the ppp dialup script. That enables ppp to create a default route which it wasn't doing before. You have to reboot after making this change too because the interfaces.inc file generates your ppp control and chat scripts for you in /etc/ppp/peers.
    You also have to use the mount -u -w  command for the partition that this file is on. Do a 'df' to see the partitions and their associated devices.

    Now, if you have the same luck I did, you can ping out to internet hosts from the pfsense command line.
    I was also able to get DNS responses when using a host on the LAN, but I was never able to get connectivity from the LAN to the WAN other than DNS. I tried to figure it out for a while but couldn't get it.

    Okay, cheers.

    GNB</wanif></wan>

    0
  • G

    Another update . . .  [My heel has been in a cast since last Saturday, so I don't have much else to do but try to get this to work :) ]

    My main problem now is that routing of packets between LAN and WAN is broken. I don't know why.

    Even if I make pppd add the default route, routing doesn't work . . . AND then a few minutes later, the system deletes that default route from the routing table. Hah! Thanks anyway BSD . . . I'm guessing it's the routed deamon doing that.

    HELP? anyone know how do deal with this? pftop reports CLOSED:SYN_SENT for the connections (ICMP) from LAN to WAN

    pfsense:/usr/local/www#  route add default 10.6.6.6 <–-- This is my ISP's remote ppp IP
    add net default: gateway 10.6.6.6
    pfsense:/usr/local/www#  pftop

    pfTop: Up State 1-14/14, View: default, Order: none, Cache: 10000                                                    14:01:06

    PR        DIR SRC                      DEST                              STATE                AGE      EXP    PKTS    BYTES
    tcp      In  192.168.2.253:59430      192.168.2.1:22          ESTABLISHED:ESTABLISHED  01:06:43  23:59:55    12241  3068952
    tcp      In  192.168.2.253:36825      192.168.2.1:22          ESTABLISHED:ESTABLISHED  00:39:41  23:59:46      718    84140
    udp      Out 192.168.2.1:52783        239.255.255.250:1900          SINGLE:NO_TRAFFIC  00:06:30  00:00:01      104    37466
    udp      In  192.168.2.253:33955      192.168.2.1:53              MULTIPLE:MULTIPLE    00:02:03  00:00:57      32    2282
    tcp      In  192.168.2.253:43874      63.245.209.93:80              CLOSED:SYN_SENT    00:01:16  00:00:44        1      60
    tcp      Out 192.168.2.253:43874      63.245.209.93:80            SYN_SENT:CLOSED      00:01:16  00:00:44        1      60
    tcp      In  192.168.2.253:48367      192.168.2.1:80            FIN_WAIT_2:FIN_WAIT_2  00:01:07  00:00:56      141    78592
    tcp      In  192.168.2.253:34387      72.14.221.136:80              CLOSED:SYN_SENT    00:00:29  00:01:31        2      148
    tcp      In  192.168.2.253:60173      72.14.221.91:80              CLOSED:SYN_SENT    00:00:29  00:01:31        2      148
    tcp      In  192.168.2.253:58538      72.14.221.93:80              CLOSED:SYN_SENT    00:00:29  00:01:31        2      148
    tcp      In  192.168.2.253:44713      72.14.221.190:80              CLOSED:SYN_SENT    00:00:29  00:01:31        2      148
    tcp      In  192.168.2.253:48371      192.168.2.1:80          ESTABLISHED:ESTABLISHED  00:00:23  23:59:38      162  104127
    icmp      In  192.168.2.253:0          206.190.60.37:34334                0:0            00:00:14  00:00:00      10      700
    icmp      In  192.168.2.253:0          211.78.162.151:5151                0:0            00:00:03  00:00:17        2      140

    HERE's the routing table after I add the default route . . ..

    pfsense:/usr/local/www#  netstat -rW
    Routing tables

    Internet:
    Destination        Gateway            Flags    Refs      Use    Mtu    Netif Expire
    default            10.6.6.6          UGS        0      11  1500    ppp0
    10.6.6.6          10.174.xx.xxx      UH          1      330  1500    ppp0
    localhost          localhost          UH          0        0  16384      lo0
    192.168.2.0        link#1            UC          0        0  1500      vr0
    192.168.2.253      00:1e:68:95:ee:61  UHLW        1    5849  1500      vr0    75

    So, if you want to fix the configuration of PPP as in WAN interface through the webGUI, do this . . . .

    changes to make 2.0 ALPHA-ALPHA work with PPP over GPRS/EDGE

    the next command is for embedded versions only to make the filesystem writeable.
    at the command line for embedded versions only. . .

    pfsense:~# mount -u -w /dev/ufs/pfSense

    all versions continue here

    pfsense:~# vi /usr/local/www/interfaces_assign.php

    then find this section and comment out or modify your file so it looks like below . . .
    The only change is the "$portname =" line

    /* add PPP interfaces /
    if (is_array($config['ppps']['ppp']) && count($config['ppps']['ppp'])) {
            $i = 0;
            foreach ($config['ppps']['ppp'] as $ppp) {
            /          $portname = 'ppp_' . basename($ppp['port']); */
                    $portname = $ppp['pppif'];
                    $portlist[$portname] = $ppp;
                    $portlist[$portname]['isppp'] = true;
                    $i++;
            }
    }

    Save this file and exit after making changes.

    Next edit the php file that sets up your ppp interface. In this file the LocalIP and RemoteIP fields labels are reversed so we switch them.

    pfsense:~#  vi /usr/local/www/interfaces_ppp_edit.php

    Find the section that looks like this and change the line that starts with "

    Local IP

    Note: This is needed if you connect to a private system and are given a static ip.

    Remote IP

    Note: This is where the packets will be routed, aka gateway on normal ip routing.

    0
  • G

    AhhhHaaaa!!!!

    Right . . . My ISP uses 10.6.6.6 as the gateway and assigns me a 10.x.x.x address. Therefore, I have to uncheck the little box that says "Bock private networks" on the WAN configuration page.

    Okay, now I'm successfully routing from LAN to WAN where WAN is a PPP over a GPRS/EDGE USB modem (actually, a Nokia Xpress Music 5310 phone.

    Now, if I can just get BSD to stop deleting my default route . . . maybe that fixed itself too. We'll see . . .

    GNB

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy