Connecting to israeli ISP's (cable infrastructure) via pfSense ?



  • hi all

    the method to obtaining an public IP address via israeli ISP's over cable infrastructure is a bit different and non regular
    i wonder if i can use pfSense as my firewall / router insted of my old Cisco 1841 that cannot holdup my new bandwidth ? :(

    This is how the connection achieved in the cisco way:

    pseudowire-class ISP
    encapsulation l2tpv2
    ip local interface FastEthernet0/1

    interface FastEthernet0/1
    description WAN interface to ISP (connected to cable modem)
    ip address dhcp
    duplex auto
    speed auto

    interface Virtual-PPP1
    description L2TP dialer to 014 (014 is My ISP)
    ip address negotiated
    ip nat outside
    ppp pap sent-username USER-NAME password PASSWORD
    pseudowire <isp-l2tp-server-address>1 pw-class ISP

    ip route 0.0.0.0 0.0.0.0 Virtual-PPP1
    ip route <isp-l2tp-server-address>255.255.255.255 FastEthernet0/1 dhcp

    thanks in advance
    elad.</isp-l2tp-server-address></isp-l2tp-server-address>



  • Don't think 1.2.3 can, but in pfSense 2.0 you can have l2tp as WAN.



  • @elade:

    hi all

    the method to obtaining an public IP address via israeli ISP's over cable infrastructure is a bit different and non regular
    i wonder if i can use pfSense as my firewall / router insted of my old Cisco 1841 that cannot holdup my new bandwidth ? :(

    This is how the connection achieved in the cisco way:

    pseudowire-class ISP
    encapsulation l2tpv2
    ip local interface FastEthernet0/1

    interface FastEthernet0/1
    description WAN interface to ISP (connected to cable modem)
    ip address dhcp
    duplex auto
    speed auto

    interface Virtual-PPP1
    description L2TP dialer to 014 (014 is My ISP)
    ip address negotiated
    ip nat outside
    ppp pap sent-username USER-NAME password PASSWORD
    pseudowire <isp-l2tp-server-address>1 pw-class ISP

    ip route 0.0.0.0 0.0.0.0 Virtual-PPP1
    ip route <isp-l2tp-server-address>255.255.255.255 FastEthernet0/1 dhcp

    thanks in advance
    elad.</isp-l2tp-server-address></isp-l2tp-server-address>

    Definitely not on 1.2.3 – Israeli ISPs use PPTP or L2TP on cable infrastructure which require getting a Private IP over the HOT network via DHCP.  Then you need to run a tunnel on this network to the ISP's PPTP or L2TP server.  2.0 can support this, but you will have to choose DHCP as the method of connection on the WAN then create a separate PPTP or L2TP connection on top of it, then you will have to make sure all your traffic is routed out through the VPN (PPTP/L2TP [NAT/Firewall rules]), etc.

    Some ISPs in Israel may still support MPLS on special request; you may be able to avoid this aggravation if you can convince them.


Log in to reply