How do I correctly setup adsl modem on WAN2 avoiding double NAT



  • I hope this hasn't been posted elsewhere, but if so, could someone point me in the right direction.

    I'm trying to replace a Linksys RT082 which has dual WAN and IPSEC tunnels with fallover redundancy.

    My topology is:

    RT082 - 192.168.2.1 –> WAN1 PPPOE to modem in bridge mode ADSL2 public IP Address
                            |____> WAN2 PPPOE to modem in bridge mode ADSL2 public IP Address

    The VPN tunnel has a simple fallover which tries the WAN2 public IP if WAN1 fails.

    My question is how to setup WAN2 in pfSense with bridge mode not available.  I can setup up the modem to make the connection using PPPOE or PPPOA, and assign the WAN2 connection a static ip address or have it obtain it from the modem using DHCP, say on 192.168.3.0 so it's on a different subnet, and then put the router's ip address as the DMZ host in the modem, but this causes a few issues.

    First, I can't seem to get WAN2 to do anything without having NAT enabled on the modem, which I believe will cause double NAT.

    Second, I don't know how to assign the public IP address from the modem to the WAN2 connection, something that is necessary for the IPSEC tunnel on the other end (which is an RV082 that I have no control over in terms of changing hardware).  It also seems to cause issues with VOIP on the WAN2 connection, though I haven't checked it thoroughly.

    I have seem half bridge mode modems mentioned, but my modem does not have this.  I suppose I could get one, but I'd like to make sure there are no other options and would prefer to stick to the ISP modem if possible as technically, they won't support other brands.

    Thanks,

    Mark


Log in to reply