Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Quick network setup with pfSense

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    12 Posts 3 Posters 8.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      pftdm007
      last edited by

      I thought this question would be a simple one for the real pfSense guru's here! ;)

      Basically I just got a SMC networks cable modem for high speed internet, and it does not want to "handshake" with my pfsense box.

      I've set the IP of the modem to 192.168.0.98, the netmask to 255.255.255.0 and enabled the DHCP server with lease time forever.  Everything else is disabled.

      If I connect my slackware laptop to the modem, and execute the IP renewal, I get 192.168.0.11 and I can access the web.

      Now, if I connect my pfsense router to the modem, and then plug my laptop to the router, I can get an IP from pfsense via DHCP, and fhe WAN side is configured to get an IP from a DHCP.  In fact it gets 192.168.0.10 from the cable modem.

      So everything is working normally, but I cant get on the WAN,..

      What's the problem?

      1 Reply Last reply Reply Quote 0
      • P
        pftdm007
        last edited by

        I looked in the modem options, there is really not a whole lot of options there…

        Really, I can guarantee that pfsense is the problem.  When my pfsense router stands between the modem and the laptop, its failure....  even the router cant access the web... I ping the modem IP and get 100% packet loss.

        any clue?

        1 Reply Last reply Reply Quote 0
        • W
          wallabybob
          last edited by

          @lpallard:

          What's the problem?

          You might have many problems, but lets start here: Please post the output of the pfSense shell command ifconfig -a.

          1 Reply Last reply Reply Quote 0
          • P
            pftdm007
            last edited by

            Thanks for the reply wallabybob!  I am just about to build a new pfsense box so I expect things to work smooth…

            The output of ifconfig -a on the router gives (when plugged to the damn modem):

            
            $ ifconfig -a
            fxp0: flags=8943 <up,broadcast,running,promisc,simplex,multicast>metric 0 mtu 1500
            	options=9 <rxcsum,vlan_mtu>ether 00:09:6b:5a:59:d1
            	inet6 fe80::209:6bff:fe5a:59d1%fxp0 prefixlen 64 scopeid 0x1 
            	inet 192.168.0.10 netmask 0xffffff00 broadcast 192.168.0.255
            	media: Ethernet autoselect (100baseTX <full-duplex>)
            	status: active
            xl0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
            	options=8 <vlan_mtu>ether 00:60:08:4a:39:aa
            	inet 192.168.0.100 netmask 0xffffff00 broadcast 192.168.0.255
            	inet6 fe80::260:8ff:fe4a:39aa%xl0 prefixlen 64 scopeid 0x2 
            	media: Ethernet autoselect (100baseTX <full-duplex>)
            	status: active
            lo0: flags=8049 <up,loopback,running,multicast>metric 0 mtu 16384
            	inet 127.0.0.1 netmask 0xff000000 
            	inet6 ::1 prefixlen 128 
            	inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3 
            enc0: flags=0<> metric 0 mtu 1536
            pfsync0: flags=41 <up,running>metric 0 mtu 1460
            	pfsync: syncdev: lo0 syncpeer: 224.0.0.240 maxupd: 128
            pflog0: flags=100 <promisc>metric 0 mtu 33204</promisc></up,running></up,loopback,running,multicast></full-duplex></vlan_mtu></up,broadcast,running,simplex,multicast></full-duplex></rxcsum,vlan_mtu></up,broadcast,running,promisc,simplex,multicast>
            

            I also did that from my laptop, connected to the router.  Works flawlessly.

            eth0      Link encap:Ethernet  HWaddr 00:1d:09:48:97:c8  
                      inet addr:192.168.0.106  Bcast:192.168.0.255  Mask:255.255.255.0
                      inet6 addr: fe80::21d:9ff:fe48:97c8/64 Scope:Link
                      UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
                      RX packets:970 errors:0 dropped:0 overruns:0 frame:0
                      TX packets:1061 errors:0 dropped:0 overruns:0 carrier:0
                      collisions:0 txqueuelen:1000 
                      RX bytes:790896 (772.3 KiB)  TX bytes:141077 (137.7 KiB)
                      Interrupt:17
            
            1 Reply Last reply Reply Quote 0
            • P
              pftdm007
              last edited by

              Got it to work!  But I wonder if it is normal and also if I did the proper thing…

              Under Interfaces>LAN I selected WAN in the dropdown menu for "Bridge with" (it was set to None)...

              Is that OK to do so?

              1 Reply Last reply Reply Quote 0
              • D
                dreamslacker
                last edited by

                In this instance, the cable modem is actually doing the NAT/ routing.  If you want the pfsense as a NAT router (which it is much more robust), you need the SMC to bridge instead.

                1 Reply Last reply Reply Quote 0
                • P
                  pftdm007
                  last edited by

                  Thats a stupid SMCD3GN cable modem/router/everything-in-the-universe and I cant find option to deactivate the routing functions…  Might have to call my ISP and get a basic cable modem from them.

                  1 Reply Last reply Reply Quote 0
                  • D
                    dreamslacker
                    last edited by

                    Call your ISP and request for the tech to:

                    1)  Login to the modem with the higher level admin account.

                    2)  Select "Disable all commercial gateway functions" under the systems page.

                    No need to replace the unit at all.  If your ISP is Rogers, try logging in as:

                    User name: cusadmin – Password: password

                    Or

                    User name: rogcesadmin – Password: wra8uje

                    1 Reply Last reply Reply Quote 0
                    • P
                      pftdm007
                      last edited by

                      Just called Rogers (you must be in Canada as well ;) and the tech guy deactivated the commercial roiuter functions, now it works perfectly.

                      I guess he deactivated everything but the modem function because even the web interface is gone..

                      1 Reply Last reply Reply Quote 0
                      • W
                        wallabybob
                        last edited by

                        What was wrong with your original configuration was that you had your WAN and LAN interfaces in the same IP subnet: 192.168.0.0/24. Consequently when you tried to access the modem (192.168.0.98) there wasn't a single interface for pfSense to use to access the modem.

                        If you had made your LAN interface 192.168.1.x/24 (and suitably modified the DHCP address range on LAN) you would probably have got a bit further.

                        http://forum.pfsense.org/index.php/topic,25373.msg131688.html#msg131688 links to some articles that explain IP addressing in more detail.

                        1 Reply Last reply Reply Quote 0
                        • D
                          dreamslacker
                          last edited by

                          No.  I live in a country where the political system is an Authoritarian Democracy but the way things work, it seems more like a Socialist Republic.

                          1 Reply Last reply Reply Quote 0
                          • P
                            pftdm007
                            last edited by

                            Thanks guys for your help!  Very appreciated!  I guess I'll read some of the documentation about IP addresses….

                            1 Reply Last reply Reply Quote 0
                            • First post
                              Last post
                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.