Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Mac spoof on wan - pppoe doesnt work

    Scheduled Pinned Locked Moved 2.1 Snapshot Feedback and Problems - RETIRED
    21 Posts 5 Posters 7.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • X
      xbipin
      last edited by

      i have a pppoe connection and my isp requires to spoof a fixed mac but it doesnt seem to work on latest nanobsd alix snapshot

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        Did it ever work on 2.1? If it did, what was the date of the snapshot it worked on, and the one it was broken on?

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • X
          xbipin
          last edited by

          i installed a new alix for a client and his isp has that requirement and i tried 2.0.1 first and it didnt and then i tried 2.1 23rd September and still same, ppp log shows authorization failed from isp, i called them up and they said the mac id was same as the alix one, not the one i tried to spoof which was of the asus router, i tried the latest snap as of now but tis still the same, pfsense isnt spoofing it

          1 Reply Last reply Reply Quote 0
          • jimpJ
            jimp Rebel Alliance Developer Netgate
            last edited by

            It's probably not working like you expect because the MAC box is for the interface assigned, and the assigned interface in that case is pppoe0 and not the physical interface.

            Try this trick:
            Make the PPPoE interface as usual - no spoofed mac - this will result in pppoe0 being assigned for that interface.
            Then go and assign the physical interface  (again, vr0), set it for an IP type of 'none' and spoof the MAC there.

            Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

            Need help fast? Netgate Global Support!

            Do not Chat/PM for help!

            1 Reply Last reply Reply Quote 0
            • X
              xbipin
              last edited by

              i got confused

              first i create the usual pppoe connection
              then i goto interface - assign then add a new interface for vr1 (in my case)
              then goto that itnerface and assign spoofed mac

              but this way wont it have like 2 interfaces for same port and wont it conflict?
              wan -> pppoe(vr1) -> vr1(with spoofed mac)

              1 Reply Last reply Reply Quote 0
              • jimpJ
                jimp Rebel Alliance Developer Netgate
                last edited by

                No they don't conflict because technically they are different interfaces, one is vr1 and the other is pppoe0

                Sort of like how you can use both the vlan parent and a vlan subinterface at the same time.

                And since you have the physical interface set to an IP of none it wouldn't hurt anything anyhow.

                Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                Need help fast? Netgate Global Support!

                Do not Chat/PM for help!

                1 Reply Last reply Reply Quote 0
                • X
                  xbipin
                  last edited by

                  ill test it and report back.

                  if this is the way to spoof then u should probably remove the mac spoof box when u select pppoe type when u create a new interface coz it can be misleading

                  1 Reply Last reply Reply Quote 0
                  • jimpJ
                    jimp Rebel Alliance Developer Netgate
                    last edited by

                    That may be a good idea. I'm not sure that box serves any purpose for PPPoE (or PPTP or L2TP or PPP…)

                    Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                    Need help fast? Netgate Global Support!

                    Do not Chat/PM for help!

                    1 Reply Last reply Reply Quote 0
                    • X
                      xbipin
                      last edited by

                      once i create a new interface opt1, do i need to goto ppp tab edit pppoe and assign it to vr1 or to opt1?

                      1 Reply Last reply Reply Quote 0
                      • X
                        xbipin
                        last edited by

                        when i tried with vr1

                        actually there is multi wan set so vr0 is lan vr1 is wan1 and vr2 is wan2 and its wan2 i need to spoof and the new itnerface ic reated was opt3 with spoofed mac

                        when the ppp tab listed pppoe linked to vr2 i got the below log and didnt work, not to mention my second device with pppoe reconnect issue

                        Sep 25 18:40:22 	syslogd: kernel boot file is /boot/kernel/kernel
                        Sep 25 22:24:59 	check_reload_status: Syncing firewall
                        Sep 25 22:25:41 	php: /interfaces_assign.php: Calling interface down for interface opt3, destroy is
                        Sep 25 22:25:41 	php: /interfaces_assign.php: Deny router advertisements for interface opt3
                        Sep 25 22:25:46 	check_reload_status: updating dyndns opt3
                        Sep 25 22:25:53 	php: /interfaces_assign.php: Creating rrd update script
                        Sep 25 22:25:53 	check_reload_status: Syncing firewall
                        Sep 25 22:26:21 	check_reload_status: Syncing firewall
                        Sep 25 22:26:27 	php: /interfaces.php: Calling interface down for interface opt3, destroy is
                        Sep 25 22:26:27 	php: /interfaces.php: Deny router advertisements for interface opt3
                        Sep 25 22:26:27 	kernel: vr2: link state changed to DOWN
                        Sep 25 22:26:27 	check_reload_status: Linkup starting vr2
                        Sep 25 22:26:30 	check_reload_status: Linkup starting vr2
                        Sep 25 22:26:30 	kernel: vr2: link state changed to UP
                        Sep 25 22:26:32 	check_reload_status: updating dyndns opt3
                        Sep 25 22:26:34 	php: /interfaces.php: Removing static route for monitor 203.187.192.33 and adding a new route through 203.187.196.1
                        Sep 25 22:26:35 	php: : Hotplug event detected for opt3 but ignoring since interface is configured with static IP ()
                        Sep 25 22:26:35 	php: /interfaces.php: Creating rrd update script
                        Sep 25 22:26:35 	check_reload_status: Reloading filter
                        Sep 25 22:26:37 	php: : Hotplug event detected for opt3 but ignoring since interface is configured with static IP ()
                        Sep 25 22:26:37 	check_reload_status: rc.newwanip starting vr2
                        Sep 25 22:26:45 	php: : rc.newwanip: Informational is starting vr2.
                        Sep 25 22:26:45 	php: : rc.newwanip: on (IP address: ) (interface: opt3) (real interface: vr2).
                        Sep 25 22:26:45 	php: : rc.newwanip: Failed to update opt3 IP, restarting...
                        Sep 25 22:26:45 	check_reload_status: Configuring interface opt3
                        Sep 25 22:26:51 	php: /status_interfaces.php: Calling interface down for interface opt2, destroy is
                        Sep 25 22:26:51 	check_reload_status: Configuring interface opt2
                        Sep 25 22:26:55 	check_reload_status: Updating all dyndns
                        Sep 25 22:26:55 	check_reload_status: Restarting ipsec tunnels
                        Sep 25 22:26:55 	check_reload_status: Restarting OpenVPN tunnels/interfaces
                        Sep 25 22:26:55 	check_reload_status: Reloading filter
                        Sep 25 22:26:56 	php: : Could not find IPv4 gateway for interface (opt2).
                        Sep 25 22:26:59 	php: : Deny router advertisements for interface opt2
                        Sep 25 22:27:00 	check_reload_status: Rewriting resolv.conf
                        Sep 25 22:27:00 	php: : Starting 3gstats.php on device '' for interface 'opt2'
                        Sep 25 22:27:01 	php: : Deny router advertisements for interface opt3
                        Sep 25 22:27:15 	php: : Could not find IPv4 gateway for interface (opt2).
                        Sep 25 22:27:43 	syslogd: exiting on signal 15
                        Sep 25 22:27:43 	syslogd: kernel boot file is /boot/kernel/kernel
                        Sep 25 22:27:49 	php: /status_interfaces.php: Deny router advertisements for interface opt2
                        Sep 25 22:27:49 	php: /status_interfaces.php: Starting 3gstats.php on device '' for interface 'opt2'
                        
                        1 Reply Last reply Reply Quote 0
                        • X
                          xbipin
                          last edited by

                          can some1 guide me on how to trace what mac id is being sent to isp for pppoe connections as recently there was a patch for the issue but i have no clue to how to trace if the applied mac id is being sent also or no

                          1 Reply Last reply Reply Quote 0
                          • jimpJ
                            jimp Rebel Alliance Developer Netgate
                            last edited by

                            You'd probably have to do a packet capture on the physical interface (e.g. vr2) to see that.

                            From the shell, something like this may work:

                            tcpdump -vvvnei vr2

                            Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                            Need help fast? Netgate Global Support!

                            Do not Chat/PM for help!

                            1 Reply Last reply Reply Quote 0
                            • X
                              xbipin
                              last edited by

                              i tried it and as soon as i go under interfaces->wan and feed in a new mac id and apply the pppoe link under ppp under assign looses its itnerface and i get the below in system log so then i reassign the vr1 interface which is for my wan and pppoe connects but still with the actual mac id, not the spoofed one so i guess it still doesnt work

                              Jan 12 12:42:27 	php: : Could not find IPv4 gateway for interface (wan).
                              Jan 12 12:42:27 	php: : Could not find IPv4 gateway for interface (wan).
                              Jan 12 12:42:27 	php: : Could not find IPv4 gateway for interface (wan).
                              Jan 12 12:42:27 	php: : Could not find IPv4 gateway for interface (wan).
                              
                              1 Reply Last reply Reply Quote 0
                              • W
                                wallabybob
                                last edited by

                                Did you disable and enable the PPP link around changing the MAC address?

                                Did you restart the box after changing the MAC address?

                                1 Reply Last reply Reply Quote 0
                                • X
                                  xbipin
                                  last edited by

                                  i restarted now and it seems its using the applied mac id now so i guess it works now so 2 things need to be done, when u apply the new mac id, the itnerface from the ppp link gets lost so it needs to be reaggined so probably that needs a patch so u dont have to go around doing it manually and also put up a note saying to restart the box when mac spoof is used

                                  1 Reply Last reply Reply Quote 0
                                  • rbgargaR
                                    rbgarga Developer Netgate Administrator
                                    last edited by

                                    Following commit should fix the issue, please let me know if it works.

                                    https://github.com/bsdperimeter/pfsense/commit/254ebf8b0fb9a8042d154ab2206d7c4f3f16b487

                                    Renato Botelho

                                    1 Reply Last reply Reply Quote 0
                                    • X
                                      xbipin
                                      last edited by

                                      ill test it in some while now and report back

                                      1 Reply Last reply Reply Quote 0
                                      • rbgargaR
                                        rbgarga Developer Netgate Administrator
                                        last edited by

                                        There is a more recent commit with a better solution. Please consider testing this one.

                                        https://github.com/bsdperimeter/pfsense/commit/84086442a2fa40b0fba12cf00a935144de3c5e71

                                        Renato Botelho

                                        1 Reply Last reply Reply Quote 0
                                        • X
                                          xbipin
                                          last edited by

                                          tried, it works well but some issues. after i enter a spoofed mac id, it gets implemented and pppoe reconnects and uses the new mac id and everything well but once i goto that spoofed mac id field and remove it and apply again, pppoe reconnects but under ppp tab etc it still keeps showing the spoofed mac id, not the original one, now i tried to do a trace from console to see what amc id its suing for the new connection but wasnt able to as my console hangs, this happens to me a couple of times when i see AT OK in console randomly, so i wasnt able to see is the original mac id being used or no but after a reboot the gui starts showing the original mac id so it might just be a gui bug but in general mac spoof works fine now, thanks

                                          1 Reply Last reply Reply Quote 0
                                          • K
                                            kathampy
                                            last edited by

                                            When I set a fake MAC address in the PPPoE interface page and attempt to connect, WireShark shows PADI packets still being broadcasted from em0's MAC address. I'm running 2.0.2-RELEASE.

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.