PPPoE with vlan
-
Hmm, well my next step after that would be to try to get a packet capture of what the WAN is actually sending. That would probably require a switch configured with a mirror port in-line though.
Steve
-
@stephenw10 i can try to see if i can do it, where would i need to set my switch then? With a cable directly from the bridged router to it?
-
Well I'd first just try a pcap on em0 in pfSense directly and see if you see any incoming packets there. And that the outgoig packets are tagged as expected.
The problem with that is that the capture is after any hardware packet processing so potentially may hide an issue. A pcap from a switch mirror port always shows what's actually on the wire but is more difficult to do. Once you have that though you can capture what other routers are doing when the connection is working as expected.Steve
-
@stephenw10 Sorry it has been so long. I just did an packet capture
https://imgur.com/a/MyPM4ln -
Right so only the broadcast traffic from pfSense, no replies from the server at all.
If you expand the layer 2 info there you should be able to see the VLAN tags on it. Assuming you moved the PPPoE config back to em0.101.
Steve
-
@stephenw10 yeah i think so, the data captured i think it was on em0.101 not sure though
-
Ah, then try capturing on em0 directly so you can see the VLAN tagged packets.
Capturing on the VLAN won't show that. And it also won't show any replies that aren't using that VLAN tag.
-
@stephenw10 i haven't been home for some days now but i could try, if i even remember how i did it at first
-
Assign and enable em0 as an interface directly if it isn't already. You can leave the IP addresses as 'none'.
Then pcap on that whilst trying to connect.You should see the PPPoE packets tagged with the 101 VLAN in the capture.
And you will see any replies coming back. And possibly on a different VLAN if so.
-
@stephenw10 so a cable to a computer with wire shark and see the trafik for any PPPoE trafik
-
No you can run the capture on pfSense. And in fact you would have to because em0 has to carry the PPPoE traffic to the modem.
-
@stephenw10 what settings do i use for it? Other than wan https://imgur.io/a/64TIFTF
-
The interface probably isn't going to be WAN since that would be the PPPoE link. It should be whatever you assigned em0 to.
I would also enable promiscuous mode and set the packet count to 1000. -
@stephenw10 are you available for call it would be much easier than this, i don't really understand what you want to pcap
-
I made a pcap of the wan (right now wan is just the cable plugged in to the modem) with the settings https://imgur.com/a/67dMLkJ
-
I can't do that, we have paid support for that
https://www.netgate.com/supportHow do you have the interfaces configured currently? In Interfaces > Assignments?
-
@stephenw10 oh okay, wan is just set to em0
-
Ok, you need to have WAN assigned to the PPPoE link on em0.101 as the ISP requires.
Then have em0 assigned as a different interface so you can capture on it from pfSense directly and check the tagging on the PPPoE traffic.
-
@stephenw10 so i pcap opt witch is em0 and have wan on PPPoE over vlan 101?
-
Yes, exactly.
You should then see the PPPoE packets with the VLAN 101 tags.
And you will also see any incoming traffic from the ISP and how that might be tagged.
