SG-1100 no public IP from FIOS ONT
My current setup is a TP-Link Archer C9 wi-fi router connected directly to my FIOS ONT via a CAT6 ethernet cable. It gets its public IP from the FIOS DHCP server every time without an issue.
I'm trying to replace that router with my new SG-1100 but for some reason it cannot obtain a public IP from the ONT. I have upgraded the SG-1000 to the latest version and rebooted the ONT but this doesn't seem to work.
Some people have suggested to access the admin page of the TP-Link router and release the public IP before connecting the SG-1000, or to call FIOS and request a new IP when the SG-1100 is connected. But, before doing any of that I would like to know how to access the WAN logs so I can see what the real problem instead of trying a million things and see what works. How can i access those logs?
The reason why I want to find out what is going on before doing anything is because I had the worse experience with FIOS when I first decided to replace their router and use my own. Basically my connection was dropping every Friday night and nobody could find out why (not even FIOS and the 3 technicians they sent to my place). Turned out that their system was still saying that I was using their router and, since it couldn't find THAT router on their network at the time of renewing the IP leases, the system refused to assign a public IP to my TP-Link.
In any event, I currently have internet via my TP-Link and I don't want to jeopardize that because I was experimenting with the SG-1100
Can any of you help a new PFsense/Netgate user?
@lrossi maybe try cloning the WAN MAC address of the working router to the pfsense?
@scurrier Thanks for the Input and I tried that option and ended up with the same negative results. Do you happen to know how to check the logs in order for us to see what is really going on?
you can do a packet capture on the WAN to see whats going on. Are you using FIOS with TV?
I'd recommend calling FIOS and asking them to release your DHCP to your old verizon router. You should then be able to renew the IPv4 address from FIOS.
@paint no TV or phone, just internet straight from the ONT.
Yeah, I may have to contact FIOS and request to release the IP on my current router. I was hoping not to get them involved as I'm a bit paranoid of what kind of misconfiguration they may do on their end. Last time they tried to help me i ended up with no internet connection every friday night.
@lrossi read some of my threads on fios. I basically fake their packet using advance dhcp settings.
@paint your post are very convoluted. I'm still digesting the information on them. However, i was able to obtain a public ip by installing a dumb switch between the ONT and the SG-1100.
Why did this work? how? I don't know but I would like to know because I would like to eliminate that switch if i can. That switch is doing nothing for me besides allowing the SG-1100 to get a public IP.
@lrossi im sorry you feel like the posts are convoluted.... networking infrastructure can feel that way sometimes. I was trying to be as specific as possible when explaining a complicated setup to enable the FiOS guide with your own router. I also provided a network diagram which makes it easier to digest whats going on.
How experienced are you with networking? Do you understand OSI, layer 2 and layer 3 managed switches?
It is weird that a dumb, unmanaged switch fixed your problem. I am glad you got it working however.
In short, my setup I described in my other post makes your pfSense router the main router. Engress and Ingress is mirrored between the ONT, the pfSense router and your verizon router. In this setup both routers are getting the same WAN IP from the ONT so you can get guide services for your PVRs and use your pfSense router as the main router.
Alternatively you would need to have the verizon router in front of your pfSense router, which would make it double NAT'ed.
Here is another post from dslreports that shows all of the various setups you can use to run your own router and have guide service. https://www.dslreports.com/faq/verizonfios/3.1_General_Networking
@paint Don't get me wrong, i understood why you did what you did. I just said it was convoluted because that would be too much for my case as I only have internet service.
My experience in networking in general is completely empirical as I'm an electrical engineer, not an IT or a network engineer. I understand the flow of data very well and teaching myself about firewall rules. I have very limited experience with managed switches and, while i find them interesting and practical, i find that they are another thing that could be mis-configured or break in a residential environment.
In a commercial application, managed switches is definitely the way to go.
@lrossi if you only have cable service, you dont need to do what I previously did. I now run cablecards so I dont need to run the dual router setup. My mistake, I quoted the wrong post. Please try using this post instead: https://forum.netgate.com/topic/102195/fios-wan-dhcp-setup-for-g1100-fios-quantum-router-with-pfsense-no-bridging
This link describes how to change pfSense to send the same DHCP packet request to the ONT as the G1100
It is weird that you need a switch in between the ONT and the pfSense router. That should not be the case.
@paint Thank you. I will check this info tonight as I'm exhausted of reading about the same thing all day.
You are not the only one surprised about the switch solving the issue. I opened a ticket with Netgate and they cannot understand it either. They found that the SG-1100 is just not negotiating the link speed properly with the ONT.
They determined that the switch is doing all link negotiation duties. The switch can properly determine the link speed to the ONT and the SG-1100.
Negate instructed me to change the WAN from Auto speed to manual and that didn't solve the problem. In any event, they are investigating.
In case you were wondering, this is where i got the idea of adding the switch (I'm not smart enough to have come up with this myself):
For the people following this thread, manually selecting the link speed to 1000Mbps did not solve the problem.
Netgate suggested to try again using 100Mbps (since that is my contracted speed) and see if that worked. They said it would be unlikely to solve the issue but I tried it anyways. and IT WORKED.
The SG-1100 can obtain a public IP when connected directly to the ONT if the WAN link speed is manually set to 100Mbps.
Now, why the auto-negotiation of the WAN port in the SG-1100 did not work in this case? That is an investigation for another day.
I'll keep you guys posted as this information may help someone else going through the same problem. Hopefully i can save them some time when troubleshooting.
@lrossi check the way I construct the dhcp packet after you rest. I think Verizon doesnt know how to configure their juniper switches on their end correctly
@paint Thanks for the help but I believe i don't need to construct any special DHCP package in my case.
Netgate explained to me that the "Auto" link speed function only works with both, the netgate device and the device on the other end (ONT in this case), are set to Auto. Since the SG-1100 could not get a negotiate a link speed when it was set to "auto", they suggested that it didn't work because the ONT must have been set to manual.
I connected my workstation directly to the ONT and windows set the connection speed to 100Mbps. Therefore, the connection on the ONT must have been set up to "Manual 100Mbps".
With this information, i set the link speed of the WAN port on my SG-1100 to manual 100Mbps and it negotiated a public IP in no time.
I called verizon and they confirmed that the ONT was set to manual 100Mbps. They also told me that they could not remotely change the link speed to 1Gpbs or the type to "auto". If i ever wanted a faster internet connection then they would have to replace the ONT since it is a hardware limitation of the ONT i currently have installed.
So, with that, this issue has been resolved on my end.