Accessing ADSL modem on pppoe WAN interface…
Or: Accessing a IP device (=ADSL modem) on WAN interface (pppoe is used to connect to the Internet)
This was possible 'before' ( ;) ):
I have a ASDL modem device between the WAN nic & the pfSense 1.0 BETA Firewall (with 3 NIC's in it).
I used this trick: http://m0n0.ch/wall/list/showmsg.php?id=189/26 (this describes a m0n0wall config.xml 'manual' patch and a couple of a NAT-Outbound rules).
The same patch (twiddling with the <interface>section) isn’t accepted by pfSense 1.0 Beta (the first version I ever used - I was using M0n0wall for 2 weeks before).
The pppoe interface will not be useable anymore.
On the othe hand: I understood from the GUI that adding interfaces is possible right now without manual editing. But, these additions aren’t accepted (pppoe become useless). It won’t connect to the net anymore.
This means: I can't administer my modem anymore.
Network topo : pfSense with pppoe WAN Access, pfSense LAN IP : 192.168.1.1 (OPT1=192.168.2.1, Portal software in use with 3 WRT54GS AP's hooked up)
ADSL Modem between phone line and pfSense : it’s IP is 10.0.0.138.
With M0n0wall I could 'add' an IP (10.0.0.1) on the sis0 (WAN NIC) and my modem was accessible by its 10.0.0.138…. (telnet, ftp en web).
Really, I can live with this... (Who want’s to administer a simple pppoe modem anyway ;D) but just maybe I'm missing something.
Have to say: the LiveCD is just perfect: I ran it first from CD+floppy, and afterwards I threw it on an old 10G hard disk - up in less then 4 minutes.
The GUI is better then a xxx $ commercial solution.
Great job, guys.</interface>
This trick would not work with the way pfSense currently operates. My bet would be to add a 4th NIC in the box that is also connected to the DSL modem using pppoe.
I don't know if your DSL modem is a Multi PC Modem (4 ports) or just the modem (with 1 port). The 4 port is easiest as you would already have the switch. The 1 port would require the use of a switch though (12 euro Sitecom 5 port or such)
Something that may or may not work is a virtual IP on the wan interface using proxy arp. You should try using that and a NAT rule.
Did you enable the interface? I wouldn't be surprised if this doesn't work…but at the very least the OPT interface needs to be enabled ;)
Thanks for the replies and the suggestions….
The 'interface-up' thing is a good tip ... but it was up 8)
Anyway, digging around and I found this post (and replies) :
Same issue : Accessing aDSL modem connected to pfsense via PPPoE from LANl
Anyway…. just tried about all the options, and have to say the this product (for a BETA 1.0) is rock - solid !!
Removed the screen and keyboard - added a huge 1Kw UPS and threw it a rack.
Activated the Portal function (the main goal was hosting free access for an entire hotel...) and separating our 'private' compagny LAN. DONE !!
Now I have to hassle with clients who never used this 'Wifi thing' in their portable PC before.... another ball game :D
Have you found a solution to this problem?
Going 'back' to M0n0wall 1.21 (new release) enables this option (with some config.xml pathing).
But, anyway, in this case the ADSL device isn't a router, just a PPPOE bridge between phoneline and WAN network card, so I gave up the 'want to have' idear of having telnet/web access to this device. There isn't mutch to administer anyway.
I have a final choice of putting this modem in Router mode (my ISP doesn't bother) and give pfSense a static/fixed 'internal' IP on his WAN interface (or even use client DHCP for that mather) - this will mean that all firewall rules concerning WAN & outside NAT have to be duplicated in the modem/router - this means access is possible, and very very needed.
To make things short : don't need a gun if there are no rabbits to kill anyway :D