PPPoE using VLAN setup

gabric098

===group

===Hi everyone.
I'm new to pfsense and I just got a sg-1100 box to replace my ISP low-end router.
I have a FTTH connection. The fiber goes into the ONT box which connects through an ethernet cable to the ISP router.
I got all the settings needed from the ISP, I disconnected the ISP router and plugged the above mentioned ethernet cable into the WAN port of the sg-1100.

I created a VLAN tagged 24 and assigned it to the WAN interface (as my ISP uses this VLAN setting for data). I ensured all the settings are correct and the username and password for ppp are correct.
However I keep seeing this error in the logs:

Dec 6 17:15:46	ppp		[wan_link0] PPPoE: Connecting to 'lowi'
Dec 6 17:15:46	ppp		[wan_link0] Link: reconnection attempt 14
Dec 6 17:15:42	ppp		[wan_link0] Link: reconnection attempt 14 in 4 seconds
Dec 6 17:15:42	ppp		[wan_link0] LCP: Down event
Dec 6 17:15:42	ppp		[wan_link0] Link: DOWN event
Dec 6 17:15:42	ppp		[wan_link0] PPPoE connection timeout after 9 seconds
Dec 6 17:15:33	ppp		[wan_link0] PPPoE: Connecting to 'lowi'
Dec 6 17:15:33	ppp		[wan_link0] Link: reconnection attempt 13
Dec 6 17:15:31	ppp		[wan_link0] Link: reconnection attempt 13 in 2 seconds

This is how I configured the interfaces:

pfsense homenet - Interfaces Interface Assignments.png

pfsense homenet - Interfaces VLANs Edit.png

pfsense homenet - Interfaces PPPs Edit.png

Any ideas?

Thank you!
Gab

stephenw10

If you need to use VLAN 24 you will also need to configure the internal switch to pass that traffic tagged like this:

Steve

gabric098

Thanks Steve,
I've tried with the settings you're suggesting but still no luck.
I feel like there's something wrong in the assignment between the VLAN and the WAN interface. I'll keep trying and hopefully I'll find the correct setup.

Gab

stephenw10

A lot of ISPs apply the VLAN in the "modem". Are you sure you need to tag the PPPoE traffic?

gabric098

Hi Steve,
thanks for the reply.
I'm fairly sure the VLAN is needed to be created in the router as I've access to the ISP router config and it shows VLAN24 configured.

I am assuming all the config I get from the ISP router are correct (user/password VLANID ,MTU...) so I can only think that I'm doing something wrong in setting up the VLAN and assigning it to the WAN interface (which is very possible as this is the first time I use pfSense).

I've screenshotted step by step what I'm doing. Maybe you can figure out what I'm doing wrong.

I start from a factory default settings. I create a WAN connection as PPPeE adding username and password as the ISP modem.

After that I create a VLAN with tagged 24:

pfSense localdomain - Interfaces VLANs Edit.png

Then I assign the newly created VLAN to WAN:
pfSense localdomain - Interfaces Interface Assignments.png

I edit the PPP settings assigning it to the VLAN interface:
pfSense localdomain - Interfaces PPPs Edit.png

And finally I configure the switch as you mentioned above:
pfSense localdomain - Interfaces Switch VLANs.png

Unfortunately, this setup seems not to be working, I keep getting the same error in the logs as the one I posted at the very beginning of the post.

Unfortunately my ISP doesn't offer any support in configuring 3rd party routers so I'm kind of stuck at the moment.

Thanks again,
Gab

gabric098

Allright,
I figured out that what I was doing is totally wrong.
Helped by this yt video: Bp_B79-WLlU I changed the setup of the system and now, at least I can see something meaningful in the logs:

Dec 8 01:04:24	ppp		[opt2_link0] Link: reconnection attempt 13 in 4 seconds
Dec 8 01:04:24	ppp		[opt2_link0] LCP: LayerStart
Dec 8 01:04:24	ppp		[opt2_link0] LCP: state change Stopped --> Starting
Dec 8 01:04:24	ppp		[opt2_link0] LCP: Down event
Dec 8 01:04:24	ppp		[opt2_link0] Link: DOWN event
Dec 8 01:04:24	ppp		[opt2_link0] LCP: LayerFinish
Dec 8 01:04:24	ppp		[opt2_link0] LCP: state change Stopping --> Stopped
Dec 8 01:04:24	ppp		[opt2_link0] LCP: rec'd Terminate Ack #51 (Stopping)
Dec 8 01:04:24	ppp		[opt2_link0] LCP: SendTerminateAck #52
Dec 8 01:04:24	ppp		[opt2_link0] LCP: rec'd Terminate Request #69 (Stopping)
Dec 8 01:04:24	ppp		[opt2_link0] LCP: LayerDown
Dec 8 01:04:24	ppp		[opt2_link0] LCP: SendTerminateReq #51
Dec 8 01:04:24	ppp		[opt2_link0] LCP: state change Opened --> Stopping
Dec 8 01:04:24	ppp		[opt2_link0] LCP: parameter negotiation failed
Dec 8 01:04:24	ppp		[opt2_link0] LCP: authorization failed
Dec 8 01:04:24	ppp		[opt2_link0] MESG: CHAP authentication failure
Dec 8 01:04:24	ppp		[opt2_link0] CHAP: rec'd FAILURE #1 len: 31
Dec 8 01:04:24	ppp		[opt2_link0] CHAP: sending RESPONSE #1 len: 39
Dec 8 01:04:24	ppp		[opt2_link0] CHAP: Using authname "<masked>@lowi"
Dec 8 01:04:24	ppp		[opt2_link0] Name: "RSRMAL01"
Dec 8 01:04:24	ppp		[opt2_link0] CHAP: rec'd CHALLENGE #1 len: 64
Dec 8 01:04:24	ppp		[opt2_link0] LCP: LayerUp
Dec 8 01:04:24	ppp		[opt2_link0] LCP: auth: peer wants CHAP, I want nothing
Dec 8 01:04:24	ppp		[opt2_link0] LCP: state change Ack-Sent --> Opened
Dec 8 01:04:24	ppp		[opt2_link0] MAGICNUM 0xafb9c2a2
Dec 8 01:04:24	ppp		[opt2_link0] MRU 1492
Dec 8 01:04:24	ppp		[opt2_link0] LCP: rec'd Configure Ack #50 (Ack-Sent)
Dec 8 01:04:24	ppp		[opt2_link0] MAGICNUM 0xafb9c2a2
Dec 8 01:04:24	ppp		[opt2_link0] MRU 1492
Dec 8 01:04:24	ppp		[opt2_link0] LCP: SendConfigReq #50
Dec 8 01:04:24	ppp		[opt2_link0] PROTOCOMP
Dec 8 01:04:24	ppp		[opt2_link0] LCP: rec'd Configure Reject #49 (Ack-Sent)
Dec 8 01:04:24	ppp		[opt2_link0] LCP: state change Req-Sent --> Ack-Sent
Dec 8 01:04:24	ppp		[opt2_link0] MAGICNUM 0x2c2939b8
Dec 8 01:04:24	ppp		[opt2_link0] AUTHPROTO CHAP MD5
Dec 8 01:04:24	ppp		[opt2_link0] MRU 1492
Dec 8 01:04:24	ppp		[opt2_link0] LCP: SendConfigAck #68
Dec 8 01:04:24	ppp		[opt2_link0] MAGICNUM 0x2c2939b8
Dec 8 01:04:24	ppp		[opt2_link0] AUTHPROTO CHAP MD5
Dec 8 01:04:24	ppp		[opt2_link0] MRU 1492
Dec 8 01:04:24	ppp		[opt2_link0] LCP: rec'd Configure Request #68 (Req-Sent)
Dec 8 01:04:24	ppp		[opt2_link0] MAGICNUM 0xafb9c2a2
Dec 8 01:04:24	ppp		[opt2_link0] MRU 1492
Dec 8 01:04:24	ppp		[opt2_link0] PROTOCOMP
Dec 8 01:04:24	ppp		[opt2_link0] LCP: SendConfigReq #49
Dec 8 01:04:24	ppp		[opt2_link0] LCP: state change Starting --> Req-Sent
Dec 8 01:04:24	ppp		[opt2_link0] LCP: Up event
Dec 8 01:04:24	ppp		[opt2_link0] Link: UP event
Dec 8 01:04:24	ppp		[opt2_link0] PPPoE: connection successful
Dec 8 01:04:24	ppp		PPPoE: rec'd ACNAME "RSRMAL01"
Dec 8 01:04:24	ppp		[opt2_link0] PPPoE: Connecting to ''

It looks an authentication error. I'm going to dig more into it but at least I'm getting closer to a solution!

Thank you!
Gab

stephenw10

Yup, looks like you have the VLAN part corrected, you would not be seeing those authentication errors if not.

I imagine you did this already but you should have the PPPoE interface assigned as the WAN rather than the PPP instance using the VLAN. Something like I have here:

Steve

gabric098

Hi Steve, good news.
I finally managed to get the PPPeE working, the issue I pointed out yesterday was indeed due to a wrong password... sigh. I must be partially excused as the ISP router was displaying the wrong password and, in order to get the correct one I had to sniff traffic between the modem and the ISP router.
Anyway. I'm adding some screenshots here, for reference, in case someone (including me in the future) will need to do something similar. Please, if you see something wrong let me know.
Thanks again for the superb support

First of all, I created the VLAN24
pfsense home - Interfaces VLANs Edit.png

Then I created a new interface, called WAN_LOWI, assigned to the VLAN24 just created.
pfsense home - Interfaces Interface Assignments.png

The just created WAN_LOWI is defined as a PPPeE interface with ISP username and password
pfsense home - Interfaces WAN_LOWI pppoe0 .png

Then I configured the switch settings as follows:
pfsense home - Interfaces Switch VLANs.png

tlovie

Thank-you for documenting this - the setup worked for me too!!