Problem getting to websites - via NAT Qwest modem

root2020 · May 4, 2012, 2:29 PM

I have a site-A and a site-B.
Site-B working just fine with an openvpn server and it is using PPPoE to authenticate, the modem is in bridge mode.

On the site-A, the pfsense box is in a DMZ via the DSL modem. That was the only thing I changed on the modem. The modem has a static IP on its WAN side and forwarding everything to a private IP on the pfsense WAN port. There is a VPN tunnel between the two and that is working 100%. The problem is that site-A web browsing stinks and pages timeout all of the time. Some web pages you just plain cannot reach. I have full firewall logging on and everything is going out free and clear. I believe the problem is due to the double NAT. Internet pipe is 7 megabit connection on site-A.

What are my options? I notice on the qwest DSL that I can disable NAT and I can enable dynamic routing. What can I do to get this working by keeping the NAT on the modem?

1. I know I can reconfigure and use PPPoE on pfsense and bridge the router. (I am scared to do this because last year I was using 2.0 RC2 on this box and it kept dropping the internet when using PPPoE. That is why I am even NATTED in the first place. I just upgraded it to 2.0.1 last night.
2.
3.

cmb · May 4, 2012, 10:16 PM

Highly unlikely it's because of double NAT in itself. My first guess given it's DSL and with that description is you probably need MSS clamping to a lower value on the modem, it should have that configurable somewhere.

root2020 · May 8, 2012, 8:29 PM

Thanks, I will look into that.