Bridge mode static IP config vodafone HFC
-
Hello, I'm new to pfSense.
Im trying to configure pfsense behind my ISP router that is currently in bridge mode.
My ISP is Vodafone Spain and fiber type is HFC.
I have public static IP and trying to get this IP in the pfsense WAN interface is where the problems begins.
If i let the config as DHCP and nothing more configured, then i get a dynamic IP from the ISP and i have Internet.
If i clone the MAC Address from the CableModem the i get an IP that appears in the ISP GUI but is not my static IP and also dont have Internet.
In the ISP Router GUI the wan interface seems to have two IPs as shown in the picture:
I have the IP 10.132.39.xx and the gateway 10.132.31.1 when i have the MAC cloned, but the static IP i'm paying for is the 62.43.203.xx.
I don't understand how is possible the WAN interface has two different IPs. Router is technicolor cga 4233vdf.
Thanks -
It looks like the ISP router is using a private subnet on it's WAN directly (10.132.X.X) and they are routing the public IP to it. In bridge mode I'd expect the private IP to be routed to pfSense instead. You would need to configure it to do that though.
-
@stephenw10 Yes, it is probably like that. But im not sure i can do that from pfSense because i only have one WAN interface and i don't know where i can set the second (the public) IP.
From the company they are not helping me. -
When you set the modem/router in bridge mode do you have to specify device to bridge to?
What subnet does pfSense get an IP in when you set the WAN to DHCP?
You may be able to just add the static IP as a IPAlias VIP on WAN.
-
Hi! No, i dont have to specify a device to bridge to. I only have to enable bridge mode which disables router mode. No more options in the ISP Router.
About the subnet when i set the WAN to DHCP, if i dont change the MAC i get a valid dynamic public IP and i have Internet. When i clone the CableModem MAC of the router i get a private IP 10.132.34.xx and the 10.132.32.1 gateway like the ISP Router (which seems to be a right step) but i don't have Internet and the IP is not my static IP.I already tried to set the IPv4 alias to the static IP but its ignored. Also i tried to set the MAC, the SN and the IP as the hostname identifier and has no effect.
-
How did you test the VIP?
I would try to ping out from it. I would also try to ping to it from something external and see if those arrive at the WAN.
Is there no documentation from the ISP on how to use your static IP? Or using a 3rd party router?
-
@borjaevo said in Bridge mode static IP config vodafone HFC:
About the subnet when i set the WAN to DHCP, if i dont change the MAC i get a valid dynamic public IP and i have Internet. When i clone the CableModem MAC of the router i get a private IP
So then the correct setup is to let pfsense have it's unique MAC and not to clone the MAC from the Cable Modem. I'm guessing they use VLAN's to deliver the 10.132 subnet for management purposes and your public IP on a different VLAN. Perhaps they use the 10.132 for TV as well?
-
@stephenw10 I have called the ISP support team and they said me is not possible to get the public static IP in other router. I ask in other forums and they say some time ago they do it changing their DHCP static table and assigning the IP to the MAC of the new router, in this case, the pfsense WAN MAC. But they are no longer doing that. So the only thing i can do is to change the ISP.
-
@Gblenn We dont have TV, only Internet and phone, and phone is working in bridge mode because it uses other MAC (MTA). I don't know about its architecture but its a possibility that they are using something like you say. Because when i receive that IP i cant ping anything except the gateway. So maybe is VLAN restricted someway. They don't let you know anything about this configuration so the decision about changing the ISP is already done.
-
@borjaevo said in Bridge mode static IP config vodafone HFC:
@stephenw10 I have called the ISP support team and they said me is not possible to get the public static IP in other router. I ask in other forums and they say some time ago they do it changing their DHCP static table and assigning the IP to the MAC of the new router, in this case, the pfsense WAN MAC. But they are no longer doing that. So the only thing i can do is to change the ISP.
They don't let you know anything about this configuration so the decision about changing the ISP is already done.I don't really see the problem as long as you do get a public IP. Why does it matter that it's not a static one?
You can always "call home" using a Dynamic DNS service, many of which are free. And pfsense will updage whenever, if ever, your IP changes. Most ISP's do it this way for home usage, and they would probably charge way more for static IP's that require a lot more admin on their side.We dont have TV, only Internet and phone.
I'm not saying you have TV, I'm saying they use VLAN for that service as it's internal to their network.
-
Well if the ISP are charging for it and you ware paying then I would want to see it.
Seems like the only way it could work is to clone the MAC address and set it as a VIP. Send some traffic to it and see if it arrives in a packet capture.
-
@stephenw10 said in Bridge mode static IP config vodafone HFC:
Well if the ISP are charging for it and you ware paying then I would want to see it.
100%, if it is something like this which they charge €15 for... https://www.vodafone.es/c/empresas/autonomos/es/vodafone-para-tu-negocio/servicios-one-profesional/ip-fija/
But for regular home use, or even small business use, why pay that money? Unless it would otherwise change frequently and create regular interruptions, it really doesn't matter.
@borjaevo Perhaps a long shot, but which port is pfsense connected to on the modem? Sometimes in Bridge Mode it's only one of the ports that provide internet, likely port 1.
