Dlink 320 + pfsense + be broadband = 2year win, now 2 day fail



  • Hey everyone
    We've had some problems today.

    A setup which has been working perfectly for almost 2 years is now not working at all.

    We are a UK based software developer that runs a pfense firewall behind a dlink 320T on bethere with an adsl2+ connection

    This past weekend there was a local power outage that seems to have either fried the modem or the firewall.

    Suffice to say all the modem settings have been lots, and what we believe the setting to have been simply don't work as soon as the modem is connected to the pfense box.

    I know these detail are a little thin on the ground, but there are the basics from be

    Modem:
    Connection type: static ip
    Ip: 78.xxx.xxx.xxx
    Subnet: 255.255.248.0
    Gateway: 78.105.112.xx
    Vpi: 1
    Vci: 101
    Mtu: 1500

    Pfsense:
    LAN - traffic on LAN is a ok
    Wan - shows the modem details but has 0,0 throughput

    In peoples experience does pfsense require the wan port to just be a normal open net connection, or something further?

    Any suggestion or thoughts would be great.

    Stewart



  • Basic home/small office ADSL modems can typically be configured as a bridge or router. The default is probably router. If yours is configured as a router you should be able to ping it (if you know or can find the IP address).

    When the router is powered up do the status lights indicate activity? (For example, there is often a status light that changes as the modem goes through its initialisation. There is often a WAN light that changes state as the modem tries to initialise its connection to the Internet. The manual is often your helper in this sort of troubleshooting.) Basic ADSL modems are now available so cheaply that if you have doubts about the modem's basic functions you are probably better off buying a new one than spending lots of time investigating.

    @Gilrod:

    In peoples experience does pfsense require the wan port to just be a normal open net connection, or something further?

    It has been my experience that it is sufficient to setup the modem (mine is a basic Zyxel) to "just work" then systems downstream of pfSense have Internet access.  Depending on what you want to do you might have to make more specialised tweaks to the modem (for example, if you are providing Servers that need to be accessed from the Internet).


  • Rebel Alliance Developer Netgate

    It's bound to be something on the modem from what you describe. Are you sure the modem is actually working?

    Can you program a PC/Laptop/Whatever with the IP info that should be on pfSense's WAN and get a connection?

    Depending on the ADSL equipment, there's a lot to go wonky in the settings - VCI/VPI, protocol settings, etc.



  • @jimp:

    It's bound to be something on the modem from what you describe. Are you sure the modem is actually working?

    Can you program a PC/Laptop/Whatever with the IP info that should be on pfSense's WAN and get a connection?

    Depending on the ADSL equipment, there's a lot to go wonky in the settings - VCI/VPI, protocol settings, etc.

    I suspect this is the case, I'm just really pissed that it is this, cos that modem has been great since we got it, NEVER had any problems at all, well other than losing it's settings if the power went out. But we always knew what those were anyway.

    We've even tried to use a Netgear DG834G or something but as that's a modem/router with built in everything, I've been unable to get it to work in bridged mode if PfSense, so am almost at the point of throwing it all out the window in frustration :-/


  • Rebel Alliance Developer Netgate

    Are you sure that the actual line itself is OK? If there was a power surge, it could have damaged the line physically. I've seen many cases where a modem would link but not authenticate or pass traffic on a damaged line.

    Can your ISP or telco run a line quality test for you?



  • @jimp:

    Are you sure that the actual line itself is OK? If there was a power surge, it could have damaged the line physically. I've seen many cases where a modem would link but not authenticate or pass traffic on a damaged line.

    Can your ISP or telco run a line quality test for you?

    Yeah the line is fine, if we use the netgear in it's default router setting and hook up to it directly it's fine, but then we miss the pfsense box out, which is NOT good, as it misses out all the awesomeness that is Pfsense ;)



  • Something that has just occurred however is this…

    As I'm running the modem in bridged mode with the pfsense box, do I not have to configure vpi/vci directly within pfsense, if so where can I do is as I've got not recollection of seeing this option.

    Stew



  • vpi/vpn has to be specified in the modem; its particular to ADSL.



  • Did your modem use to handle the PPPoE and just bridge to pfSense but not it's not set to do so?



  • @CaseyBlackburn:

    Did your modem use to handle the PPPoE and just bridge to pfSense but not it's not set to do so?

    We are with net provider BE here in the UK, they don't use PPPoE, it's pure static IP, IE I specify the IP and their gateway at this end, and they know it's us cos it trains to our actually telephone number.

    We USED to use it in Bridged mode 1483, which is apparently called something else now.

    It would seem that our DLink is dead…

    So now what I need is someone to give me a clue as how to make a NetGear DG843G work in Bridged mode...


  • Netgate Administrator

    If the Netgear doesn't give you the options you need with the standard firmware you could always try a different one such Routertech (www.routertech.org) or Openwrt (www.openwrt.org). You might end up bricking it though.  ::)

    Steve


Log in to reply