WAN interface with VLAN and MAC spoofing. Is that possible?

paintbrush · Dec 28, 2022, 11:06 PM

Hi! I'm new to pfSense.
My ISP provided me with a router with a WAN interface over VLAN 1074 and with a fixed spoofed MAC address.

I want to use pfSense instead of that router.
I know how to do both things separately in pfSense 2.6.0. But when I try to spoof a MAC when a VLAN is assigned to WAN, the field under "WAN Interfac" to enter the MAC address is greyed, saying that you should do it over the parent interface. When I go to the VLAN interface, I can't find any field where to enter a MAC address...

Is this supported by pfSense? I've been searching for a while and found several threads talking about how it's not possible in FreeBSD to have several VLANs under the same interface with different MACs. But I just want 1 VLAN (not several). I can't seem to find out how...

dotdash · Dec 28, 2022, 11:11 PM

@paintbrush
You can change the MAC on the parent interface, then both the interface and the vlan will have the spoofed MAC. If you need a separate MAC on the parent interface and the vlan, you are probably out of luck.

paintbrush · Dec 29, 2022, 12:01 AM

@dotdash , thanks for answering.
I don't need separated MAC addresses. Just one for all.

Thing is: my interface had the spoofed MAC configured. Then I added the VLAN to the WAN interface and I didn't check if it had changed something.
I made the changes to put the pfSense in service and WAN interface was not getting any IP address (showing 0.0.0.0). Then I realised that the spoofed MAC in WAN interface had been replaced with a grey "xx:xx:xx:xx:xx:xx" and recommeding going to the parent VLAN... I'm lost.

paintbrush · Dec 29, 2022, 6:07 PM

@dotdash
Well, I don't know, but it has worked at the 2nd attempt, I think. I still don't get connection with my ISP, but now I can see that the spoofed MAC address appears in its field (instead of a greyed xx:xx:xx:xx:xx:xx)

This is part of what ifconfig shows:

igb0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
description: LAN
options=8100b8<VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,VLAN_HWFILTER>
ether 00:1a:8c:51:4b:98
inet6 fe80::21a:8cff:fe51:4b98%igb0 prefixlen 64 scopeid 0x1
inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255
groups: Redes_LAN
media: Ethernet autoselect
status: no carrier
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>

igb1: << WAN INTERFACE << flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8100b8<VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,VLAN_HWFILTER>
ether 7c:ff:4d3d:f2 <<<<< SPOOFED MAC
hwaddr 00:1a:8c:51:4b:99
inet6 fe80::21a:8cff:fe51:4b99%igb1 prefixlen 64 scopeid 0x2
media: Ethernet autoselect
status: no carrier
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>

............... ........

igb1.1074: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
description: WAN
ether 7c:ff:4d3d:f2 <<<<< SPOOFED MAC - VLAN 1074
inet6 fe80::21a:8cff:fe51:4b99%igb1.1074 prefixlen 64 scopeid 0xb
groups: vlan
vlan: 1074 vlanpcp: 0 parent interface: igb1
media: Ethernet autoselect
status: no carrier
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>

Jarhead · Dec 29, 2022, 6:14 PM

@paintbrush
No Carrier... are you even plugged in? Do you see a link on either end?

paintbrush · Dec 29, 2022, 6:31 PM

@jarhead
Yeah, there's link.
I've just realized that the original router, apart from VLAN and fixed MAC address, it has a hostname configured.

So, I decided to add the same hostname in pfSense WAN interface and the spoofed MAC has disappeared (greyed xx in GUI and no spoofed MAC at CLI). I guess I have to repeat the process of unlink WAN physical interface from VLAN and start again, but it does not give much confidence...

I know how to check packet counters with "ip address" in Linux, but not in FreeBSD... xD

pfSense DHCP Logs are showing dhclient process sending DHCPDISCOVER over igb1.1074, but no answer apparently.