Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    ATT Internet AIr

    Scheduled Pinned Locked Moved General pfSense Questions
    290 Posts 5 Posters 75.0k Views 4 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A Offline
      ahole4sure @Gblenn
      last edited by

      @Gblenn @stephenw10

      https://forum.netgate.com/topic/195348/vlan-for-a-failover-modem-and-one-of-my-subnet-networks-for-camers

      G 1 Reply Last reply Reply Quote 0
      • G Offline
        Gblenn @ahole4sure
        last edited by

        @ahole4sure It's really strange that the ATT modem doesn't keep the MAC you enter for the passthrough IP. Sounds like it might be a bug, or that it needs a firmware update? Perhaps you should call their support on that one?

        But can you try swapping the two modems to see if the other one works, and the MAC sticks on that one? If so, you should be ok, since for the other WAN you only have the parent interface connected.

        If not, I suggest you change your setup completely, and don't use VLAN at all on any of the WAN interfaces. Instead change all your VLAN's over to igb1 and connect the switch to that port. Similar to the way I suggested earlier...

        A 1 Reply Last reply Reply Quote 0
        • A Offline
          ahole4sure @Gblenn
          last edited by

          @Gblenn Your last suggestion is probably the way to go -- just so frustrating since it is "supposed" to work.
          And I am now sure that I will have to physically go to the other location for the redesign of the network.

          Just kept thinking that I could (with you guys help) finally figure out what I was doing wrong. The device seems to work well - but I have seen other posts in other places where networking prrofessionals compained about the shortcomings of the modem

          G 1 Reply Last reply Reply Quote 0
          • G Offline
            Gblenn @ahole4sure
            last edited by Gblenn

            @ahole4sure said in ATT Internet AIr:

            Just kept thinking that I could (with you guys help) finally figure out what I was doing wrong

            I guess the thing is that you are not doing anything wrong... and it would work just fine if the MAC address you input would just "stick"... Have you tried swapping the modems, just to see if it behaves the same? Or is the other one at the remote location?

            [Edit] Perhaps a silly question... in the ATT menu section for passthrough where you enter the MAC, I suppose there is some "Save" button? And have you verified that if you log out and back in again, that it doesn't change?

            A 1 Reply Last reply Reply Quote 1
            • A Offline
              ahole4sure @Gblenn
              last edited by

              @Gblenn So as far as the MAC address - there is an apply button. But the issue is that after I hit reply and put back into the system I have no access to the modem - For some resason I can't reach 192.168.3.2 (the address of the modem) since in the system setup as a static IP (since DHCP isn't working) it is only recognized as a public IP .... so bottom line I can't access the modem while it is in the actual system.

              When I take it out and connect it to a PC -- the MAC address has changed to the MAC of the PC ethernet adapter

              It should't change but -- maybe it changes by design when it recognizes a new system ???

              1 Reply Last reply Reply Quote 0
              • stephenw10S Offline
                stephenw10 Netgate Administrator
                last edited by

                Yup if you power it off it could well switch to the MAC of whatever you attach.

                To access the modem when it's in pass through mode you probably need a VIP on the WAN in the modem subnet.

                G 1 Reply Last reply Reply Quote 0
                • G Offline
                  Gblenn @stephenw10
                  last edited by

                  @stephenw10 said in ATT Internet AIr:

                  o access the modem when it's in pass through mode you probably need a VIP on the WAN in the modem subnet.

                  Or a static route to the management IP...? That worked for me when I was testing a 5G router in bridge mode some time back...

                  1 Reply Last reply Reply Quote 0
                  • stephenw10S Offline
                    stephenw10 Netgate Administrator
                    last edited by

                    Yup some modems will be able to reply in that situation. Some don't have a route back to reply without a VIP, and sometimes a NAT rule.

                    A 2 Replies Last reply Reply Quote 0
                    • A Offline
                      ahole4sure @stephenw10
                      last edited by

                      @stephenw10 @Gblenn

                      Just want to thank you guys again!! I'm not sure if this will convince you of how many stupid things can happen or if it helps you or others in any way lol

                      So it had not ocurred to me that 2 identical modems would not work the same way OR that one could have something wrong (or be provisioned wrong).

                      I did as @Gblenn suggested and I tried modem #1 on the VLAN interface --- just unpluged from the physical WAN interface and plugged into the VLAN switch port ... viola - worked exactly as it was supposed to !!

                      So I started looking at modem #2 device info etc etc. What found was that it must not be provisioned fullly - it works if I leave it on the non static IP APN (that's the way ATT gives me the static IP, is by giving me a custom APN that is apparently provisoned to that IMEI only), but if I switch to the other APN - it switches to the static IP properly but does not give DHCP info even to my PC
                      Then I noticed in the device info page of the 2 devices that the working one has a phone number while the non-working modem does not -- bottom - line . Modem #2 is not provisioned (or at least the account) properly and should be able to be fixed once my business rep gets back from Thanksgiving holiday.

                      As far as not being able to reach modem #2 web interface - I coulldn't understand why , after using the non static IP APN that allowed for the dhcpc to work , .... then realized that I created the VIP but not for the modem 2 interface. The VIP I created was for the otehr interface.Image 11-27-24 at 5.27 PM.jpeg Image 11-27-24 at 5.29 PM.jpeg

                      1 Reply Last reply Reply Quote 1
                      • A Offline
                        ahole4sure @stephenw10
                        last edited by

                        @stephenw10 @Gblenn

                        The weirdness still continues
                        Even though I thought I had things working correctly the dynamic ipv4 gateway would go offline and I couldn't get it to come back on
                        (admitedly all this might be the provisioning issue)

                        BUT -- I can get the ipv4 gateway to come online by enabling the dynamic ipv6 for the interface
                        when I enable that - it immediately makes the ipv4 gateway come online!!

                        I know so little about ipv6 --- does any of that sound familiar to anyone?Image 11-27-24 at 6.11 PM.jpeg Image 11-27-24 at 6.12 PM.jpeg Image 11-27-24 at 6.15 PM.jpeg

                        1 Reply Last reply Reply Quote 0
                        • stephenw10S Offline
                          stephenw10 Netgate Administrator
                          last edited by

                          You can't put those two VIPs on different interfaces because they are both using the same subnet.

                          You will need to change the management IP for one of the modems so it's in a different subnet,

                          A 1 Reply Last reply Reply Quote 0
                          • A Offline
                            ahole4sure @stephenw10
                            last edited by

                            @stephenw10

                            Ok. I know there are lots of variables in this messed up case, but I originally had modem #2 setup on 192.168.3.1 and it didn’t work
                            That’s why I switched
                            But I guess I shouldn’t have same subnet VIPs on different interfaces??

                            1 Reply Last reply Reply Quote 0
                            • stephenw10S Offline
                              stephenw10 Netgate Administrator
                              last edited by

                              Indeed you can't have the same subnet on more than one interface. Especially because the gateway for one of them is in that subnet. You have a routing conflict which is probably why it stopped responding.

                              1 Reply Last reply Reply Quote 0
                              • A Offline
                                ahole4sure
                                last edited by

                                @stephenw10 @stephenw10
                                Well I spoke too soon -- even modem #1 (with the presumed correct ATT provisioning ) finally started disconnecting ...

                                When I watch the modem dashboard screen (and even the ethernet lights) it appears the ethernet connection intermittently disconnectsand reconnects
                                And YES I was able to get into the modem interface (with appropriate creation of VIP) and set the MAC address to the pfsense interface. And I even "blocked" (on the ATT modem ethernet interface) the MAC address of the switch VLAN port.

                                So my question for you guys -- have I done everything that I can do -- any other VLAN settings to change or try?
                                And if I have my options are to :

                                1. do as @Gblenn suggested and just modify my setup so that my pfsense has only my various LAN subnets connected via VLAN and connect the ATT modem directly to the pfsense

                                or

                                1. assuming I haven't done something wrong and others on the internet who have connected a WAN through VLAN succesfully -- then return my ATT modem and buy a cellular modem gateway that will work correctly with VLAN (and utilize ATT). If I go that route - any suggestions on device?

                                I am attaching my VLAN settings one more time to be sure I haven't overlooked something
                                where VLAN ID 10 was my modem

                                Screenshot 2024-11-28 131159.png Screenshot 2024-11-28 130951.png

                                G 1 Reply Last reply Reply Quote 0
                                • G Offline
                                  Gblenn @ahole4sure
                                  last edited by

                                  @ahole4sure said in ATT Internet AIr:

                                  even modem #1 (with the presumed correct ATT provisioning ) finally started disconnecting ...

                                  That is wierd, so when it's connected directly to the pfsense interface, it is stable and "just works"? But when connected via the TPLink, it disconnects... and reconnects?

                                  Does it at least maintain the MAC and provide that intermittent connection only towards pfsense now? Anything in the TPLink switch that can give an indication, like stats (bad packets etc)? Does the port light turn off when the link is down?

                                  I'm starting to think it could be a cable issue perhaps?

                                  A 1 Reply Last reply Reply Quote 0
                                  • A Offline
                                    ahole4sure @Gblenn
                                    last edited by

                                    @Gblenn

                                    Regarding cable

                                    Tried 3 different ones
                                    And all three pass cable tester

                                    1 Reply Last reply Reply Quote 0
                                    • stephenw10S Offline
                                      stephenw10 Netgate Administrator
                                      last edited by

                                      Hard to imagine the VLAN itself could be an issue. I would try to remove VLAN 1 from the interface connected to the modem. The switch admin interface is the only thing that could be interacting with the modem. Everything else is just forwarding packets.

                                      I assume the switch interface is set statically? If it's set as dhcp that could be a problem.

                                      A 1 Reply Last reply Reply Quote 0
                                      • A Offline
                                        ahole4sure @stephenw10
                                        last edited by

                                        @stephenw10 @Gblenn

                                        So I changed all cables
                                        No change
                                        Currently if I connect eitehr ATT modem through port 2 of the switch with port 1 connected to the pfsense igb3 port - I get this cycling over 1 to 10 seconds fo connected (varies between 1 and 2 devices - when 2 devices connected shows on the ATT modem it reports the MAC of the pfsense port and the switch), and disconnected (see photos of the ATT device - those photos are about 5 sec apart)

                                        I made changes in the switch to get rid of any members to the default VLAN (VLAN 1).

                                        I ordered 2 new switch from. Amazon - a netgear and a different one to see if it has to do with the switch

                                        IMG_0276.jpg IMG_0277.jpg Image 11-29-24 at 8.35 AM.jpeg Image 11-29-24 at 8.36 AM.jpeg Image 11-29-24 at 8.39 AM.jpeg

                                        1 Reply Last reply Reply Quote 0
                                        • stephenw10S Offline
                                          stephenw10 Netgate Administrator
                                          last edited by

                                          Port 1 should not have pvid 10. You don't want untagged traffic there ending up at the modem. Though there shouldn't be any untagged traffic arriving at port1.

                                          A 1 Reply Last reply Reply Quote 0
                                          • A Offline
                                            ahole4sure @stephenw10
                                            last edited by

                                            @stephenw10

                                            Would there be anything else to explore , that would make the device intermittently connect and disconnect from the Ethernet??

                                            Ordered new switches to trial that

                                            Could it be anything in pfsense that would cause that?

                                            And I guess it could be the ATT modem, but both modem # 1 and 2 do it so it would have to be a widespread issue

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.