    PPPOE => 1 x static IPv4 and an IPv4 /30 Subnet

      filontheroad

      Hello,

      I have the following problem and have been searching the net for a solution for days:

      • FTTH connection directly to the house
      • This delivers a static IPv4 xxx.xxx.xxx.150
      • The pfSense is connected directly to the FTTH via PPPOE and runs without problems in the LAN.
      • Additionally on the same PPPOE port the ISP provides a xxx.xxx.xxx.x14/30 network
      • WAN is configured as PPPOE and gets the static IPv4 xxx.xxx.xxx.150 assigned automatically
      • In a separate VLAN (on a separate interface, OPT2) I now want to make a web server directly reachable from outside via an IPv4 from the 4 network and want to use the xxx.xxx.xxx.x15/32 for this.
      • All 4 IPv4 from the network are created as Virtual IPs as IP alias.

      In the NAT I have now routed TCP with port 80 and 443 to the destination xxx.xxx.xxx.x15/32 (virtual IP) with the redirect target IP from the VLAN which is assigned to the web server.

      In the domain DNS I have specified the IP xxx.xxx.xxx.x15. Nevertheless I can't reach the domain from outside.

      In NAT I have assigned outbound with Hybrid NAT the internal IP of the web server from the VLAN with the translation of xxx.xxx.xxx.x15.

      Furthermore, in the firewall, the NAT rules have automatically appeared in the WAN, which determine the appropriate port forwarding.

      I probably can't see the forest for the trees. Can someone please tell me where my thinking error lies?

      I want to make the nextcloud instance running on the webserver on a proxmox instance reachable via the subdomain, just like before pfSense too (back then a Fritzbox).

      Thanks in advance for any help from you

        kiokoman LAYER 8 @filontheroad

        @filontheroad
        it seems ok to me
        i have a similar configuration, the only thing is that it's not pppoe
        do you see the incoming requests with packet capture?
        i would try a simple telnet on port 80 from outside your network to xxx.xxx.xxx.x15
        if it connects you know it's a dns problem (did you wait enough for the propagation? https://www.whatsmydns.net/ does your domain point to xxx.xxx.xxx.x15 ? )
        if it doesn't connect you need to check firewall rules / routing

        also are you sure the xxx.xxx.xxx.x15 is a usable IP ? maybe it's the broadcast and you can't use it
        xxx.xxx.xxx.x14/30 network = Usable Host IP Range: xxx.xxx.xxx.13 - xxx.xxx.xxx.14
        Network Address: xxx.xxx.xxx.12
        Broadcast Address: xxx.xxx.xxx.15

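The checks suggested in the reply above, as an added Python example that is not part of the original thread. The 203.0.113.x addresses and cloud.example.org are constructed placeholders, and the address check assumes the conventional rule that a subnet's network and broadcast addresses are reserved.

```python
import ipaddress
import socket

def classify_address(cidr, candidate):
    """Return 'network', 'broadcast', 'usable' or 'outside' for candidate.
    strict=False accepts a host address with a prefix, e.g. 203.0.113.14/30."""
    net = ipaddress.ip_network(cidr, strict=False)
    ip = ipaddress.ip_address(candidate)
    if ip not in net:
        return "outside"
    if net.prefixlen < 31:  # /31 and /32 have no reserved addresses
        if ip == net.network_address:
            return "network"
        if ip == net.broadcast_address:
            return "broadcast"
    return "usable"

def tcp_connects(host, port, timeout=3.0):
    """Equivalent of the telnet test; run it from outside your own network."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def resolve_ipv4(name):
    """Return the set of A records the local resolver sees for name."""
    try:
        infos = socket.getaddrinfo(name, None, socket.AF_INET, socket.SOCK_STREAM)
    except socket.gaierror:
        return set()
    return {info[4][0] for info in infos}

def triage(role, connects, dns_ips, public_ip):
    """Apply the decision order from the reply: address, then TCP, then DNS."""
    if role != "usable":
        return f"{public_ip} is not a usable host address ({role})"
    if not connects:
        return "no TCP connect: check firewall rules / routing"
    if public_ip not in dns_ips:
        return "TCP connect works: DNS does not point at the address"
    return "address, port forward and DNS all check out"

if __name__ == "__main__":
    # Constructed sample values; replace with your own subnet, IP and name.
    subnet, public_ip, name = "203.0.113.14/30", "203.0.113.15", "cloud.example.org"
    role = classify_address(subnet, public_ip)
    print(triage(role, tcp_connects(public_ip, 80), resolve_ipv4(name), public_ip))
```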
          filontheroad @kiokoman

          @kiokoman Found the mistake. The VLAN which I assigned to the Interface was not giving out IPs via DHCP to the Clients. I had the DHCP Server up and running, but it did not work properly. So I switched configuration and set the public IPs to the Interface and separated the nextcloud network through a separate LAN out on the NIC and all hardware behind that is not connected to the rest of the main Network. So basically a real DMZ. Now it is working
