Pfsense configuration issues with ISP router (FTTB)
-
Hey all,
I have decided to take the leap and learn Pfsense to help secure my home network.
I have installed Pfsense on my HP T620 thin client.
Setup WAN and LAN interfaces in the setup screen.Im running a TPlink archer VR1600v all in one router that was supplied by my ISP its also FTTB
I have plugged my Ethernet cable to a LAN port on the ISP router and the other end into the WAN port of the PFsense box (is this correct?) or do i plug into the router WAN > PFsense WAN?
Doing some more research i was told i would need to put that router into bridged mode to work with PFsense, upon further research i saw no options to do so within my router settings page TPlink archer (VR1600v)
Someone online said i can put into bridged mode using this setting below
I went to the DSL section of my router and added a VDSL connection with a VLAN id of 2
There where already two WAN interfaces on my router that the ISP put there
So i deleted them and added a new one (this pic is from another user online but the menu is similar)
I was told this was the only way to put this router into bridge mode
and then followed this advice i found online pertaining to my router and ISP:
I then went into PFsense menu and changed WAN interface to PPPOE and inserted my ISP PPPOE username and password.
I did not know what to put for MTU and that other one etcI then disabled DHCP on the ISP router and also disabled WIFI
After this i rebooted and it looks like I was then given a public ip for the WAN on the dashboard menuTo be clear i have no idea what this is actually doing and want to know if this is correct.
Why do i have to muck around with PPPOE?
Is this because im on FTTB?And by doing this Is it putting the router into bridge mode?
I want to know if this is correct?
TWO PROBLEMS
-
I have internet but it seems to be very slow taking a long time to load pages.
-
I also want to use a small GLINET slate router as a wifi access point to the pfsense but i have no idea how.
I put it into access point mode and plugged it into another port on my pfsense box but it wont get internet*
Can i change to a router that has better brodge supoprt or is that down to my ISP serving me internet via PPPOE?
And is there an easier way to do all of this?
I'm still very new to all of this and did as much research as possible before i posted here but i really want to do things the right way
I Hope i have made sense and would be grateful for any assistanceThanks
-
-
@wall_of_fire_1169 This may help: https://docs.netgate.com/pfsense/en/latest/services/pppoe-server.html
However, you need to search the Internet for self-learning projects as, we all had to do, on your own.
-
@nollipfsense said in Pfsense configuration issues with ISP router (FTTB):
This may help: https://docs.netgate.com/pfsense/en/latest/services/pppoe-server.html
Nope, that would be for running a PPPoE server on pfSense which is not what you're doing here.
@wall_of_fire_1169 said in Pfsense configuration issues with ISP router (FTTB):
To be clear i have no idea what this is actually doing and want to know if this is correct.
Why do i have to muck around with PPPOE?
Is this because im on FTTB?It looks like what you did is correct because you are getting a public IP on the pfSense WAN which is the goal.
You have to use PPPoE because that's what your provider is using. You can see in the initia;l screenshot from the ISP router that it is configured for PPPoE on VLAN2. What you are doing here is putting the USP router in 'modem' mode so it's nothing but the VLAN tagging. The PPPoE session is now being handled by pfSense, which is correct.Does it take a long time to start loading pages but then load them normally?
If you download a large file does it download at expected speeds?
It sounds like you may be seeing a DNS issue. Or possible an IPv6 issue if your WAN is configured for that.
I note that in the initial screenshot the ISP has a second connection configured as IPoverEthernet on VLAN6. Do you know what that is? IPTV or VoIP perhaps?
Steve
-
@stephenw10
Ok well its good to know i'm on the right track with this so thank you.
I'm still quite new and have really tried to learn as much as i can as quickly as possible.I have a few questions:
-
So some people will have to use PPPOE as that's what their ISP supplies?
-
Also am i plugging it up correctly? with (ISP routers LAN > PFsense's WAN port?)
Or do I plug (ISP WAN > PFSense WAN port?) -
Im not sure what to put in the MTU ans MSU sections does this matter?
-
I have left off the override dns section not sure if i should or not based on my problem
-
Do i change the bridge mode in the DSL or EWAN sections?
Does it take a long time to start loading pages but then load them normally?
Yes the page loads but takes a really long time but once i have visited that page it loads faster im assuming this could be a DNS issue as you mention.
If you download a large file does it download at expected speeds?
Well i did a speed test and my speeds where normal which is weird.
I note that in the initial screenshot the ISP has a second connection configured as IPoverEthernet on VLAN6. Do you know what that is? IPTV or VoIP perhaps?
Good question, i'm not to sure, possibly voip like you said.
Its what appears on the stock router i'm assuming i delete both if I'm going to setup bridge mode right?
I have to delete one of them as its using the VLAN2 and that's what i need as per the instructions for bridge mode.Thanks for your help its much appreciated .
-
-
Yes, if your ISP is using PPPoE then something has to set that up. If putting the ISP router in bridge/modem mode stops that being the PPPoE client then pfSense has to do that.
Yes, you're connecting it correctly. The fact that the PPPoE session comes up correctly and gives you a public IP on the pfSense WAN shows it is correct.
You should leave the MTU as the default at least until you have everything else working.
DNS override is not required. pfSense acts as a DNS resolver dircetly.
@wall_of_fire_1169 said in Pfsense configuration issues with ISP router (FTTB):
Do i change the bridge mode in the DSL or EWAN sections?
I'm not sure what you mean there. In the modem? You should not have to change anything in the modem that part seems to be working fine if pfSense gets a public IP.
Ok, if you have large initial delay and then it starts loading normally it's probably either DNS or IPv6.
Are you getting an IPv6 address on the WAN?
Try going to Diag > DNS Lookup in the pfSense GUI and resolving something. Make sure all the configured DNS servers are responding in a reasonable time.
Steve
-
I'm not sure what you mean there. In the modem? You should not have to change anything in the modem that part seems to be working fine if pfSense gets a public IP.
Yes im getting a public IP i just wanted to make sure i did it correctly.
I followed the instructions i found online pertaining to my router and ISP to put it into bridge mode.
There where two sections:
One was DSL (the place i put in the new bridge connection on Vlan2 and deleted the old ones that the ISP had set up)And another section that was similar which was called EWAN
I just don't know what the difference is between the two.
Are you getting an IPv6 address on the WAN?
I will check now.
-
I would expect the DSL section is correct. You'd need to check the TP-Link manual to know what those other options are.
As I said it pretty much must be correct since the pfSense PPPoE WAN is successfully connecting.Steve
-
Yes that makes sense if I'm getting a public IP.
I will check on the IPV6 and DNS stuff and see if that has anything to do with websites loading slow.
I guess the last piece of the puzzle is figuring out how to get my mini gli-net slate router as a WiFi access point for the PFsense box.-
I have turned on another LAN port on the PFsense
-
I have activated the gli-net routers Access Point mode and connected it to the new LAN port on the PFsense
(not the one my laptop is connected to)
I'm not getting any WIFI access point come up though.
And i cant access the gli-net settings on 192.168.8.1 to set it up
Shouldn't the dhcp server on the PFsense box allocate it?Do i have to bridge the LAN ports?
I'm really trying to understand all these settings and i think I'm getting close to having something that works.
Thanks for your patience and assistance it's really appreciated.
-
-
I assume that's running OpenWRT?
I would expect it to come up as a DHCP client be default but it may not. If it's static you'd have to set it in the correct subnet.
It should appear as a wifi AP to wireless clients even if it's not connected so you'll have to check it's config. Try connecting to it's console so see what's happening.
That's probably better served on the OpenWRT forum (assuming it's running that).Steve