Using routed public ip on dsl modem/router



  • I'm having some difficulty getting pfSense to operate using a public IP which is routed as part of a /30 to my (Draytek) modem/router.

    In short, I think the confusion is based on ARP:  " <ip>is on em1 but got reply from <mac>on em0 - but I can't see a way to get around that!

    I have a Draytek Modem/Router connecting to the ISP - it receives a public IP and feeds the LAN on 192.168.1.0;

    it also has a /30 routed to it (separate from the connection IP) from the ISP with the Draytek configuring the first of those as its '2nd IP Address, for IP Routing" - eg:  ..*.200

    The WAN interface of pfSense is set to one of those IPs - ...201 and gates to the above ...200

    I have set up the LAN side of pfSense to be on a separate subnet - 192.168.10.0.  Even so, I can ping the LAN side of the modem (192.168.1.1) as well as the public IP.

    When I try to get out of the network, it just fails and generates the kernel arp messages: "kernel: arp: <mac addr="">attempts to modify permanent entry for ..*.200 on em1"

    Any thoughts on how to get around this?

    Thanks</mac></mac></ip>


Locked