    Pppoe/nat problem

    • S
      snfc21 last edited by

      Hello,

      I'm trying to only let my computers access the internet when they connect to the server using pppoe.

      I've enabled pppoe server as described below:

      Server address: 192.168.254.254
      Remote address range: 192.168.254.0

      I have added a user, specified an IP address - 192.168.254.1 - (Windows didn't want to connect unless I specified an IP address), added the rules below to the firewall:

      allow / proto any / source any / port any / destination any / port any / gateway default  (LAN)
      allow / proto any / source any / port any / destination any / port any / gateway default (PPPoE VPN)

      Also, added NAT rule for 192.168.254.0/24

      Connecting from Windows works OK, but I cannot surf (like the NAT or something else is not working). What is not working, I don't know. I cannot ping 192.168.254.254 (the server address), but on the pfSense server I see the address when I do an ifconfig.

      On the Windows machine, doing an ipconfig, I have the following result:

      Ethernet adapter Local Area Connection:

      Connection-specific DNS Suffix  . :
              Description . . . . . . . . . . . : SiS 900 PCI Fast Ethernet Adapter
              Physical Address. . . . . . . . . : 00-07-95-C4-FB-24
              Dhcp Enabled. . . . . . . . . . . : No
              IP Address. . . . . . . . . . . . : 192.168.6.1
              Subnet Mask . . . . . . . . . . . : 255.255.255.0
              IP Address. . . . . . . . . . . . : 192.168.0.2
              Subnet Mask . . . . . . . . . . . : 255.255.255.0
              Default Gateway . . . . . . . . . : 192.168.0.1
              DNS Servers . . . . . . . . . . . : 212.93.137.18
                                                  212.93.136.2

      PPP adapter test:

      Connection-specific DNS Suffix  . :
              Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
              Physical Address. . . . . . . . . : 00-53-45-00-00-00
              Dhcp Enabled. . . . . . . . . . . : No
              IP Address. . . . . . . . . . . . : 192.168.254.1
              Subnet Mask . . . . . . . . . . . : 255.255.255.255
              Default Gateway . . . . . . . . . : 192.168.254.1
              DNS Servers . . . . . . . . . . . : 192.168.0.1
                                                  212.93.137.18
              NetBIOS over Tcpip. . . . . . . . : Disabled

      As you can see, IP Address and Default Gateway are the same, which, from my point of view, is a big problem and nothing would ever work like that.

      Now, tell me what is really wrong, if anyone knows:

      • is it on the Windows computer?
      • the pppoe vpn? (I don't have many settings to play with in the web interface for pppoe server)
      • is it the NAT settings?
      • DHCP?!?!
      • anything else?

      Where should I look?

      • H
        hoba last edited by

        @snfc21:

        Hello,

        I'm trying to only let my computers access the internet when they connect to the server using pppoe.

        I've enabled pppoe server as described below:

        Server address: 192.168.254.254
        Remote address range: 192.168.254.0

        Specify a real remote starting address here; .0 is not valid.

        @snfc21:

        I have added a user, specified an IP address - 192.168.254.1 - (Windows didn't want to connect unless I specified an IP address), added the rules below to the firewall:

        allow / proto any / source any / port any / destination any / port any / gateway default  (LAN)
        allow / proto any / source any / port any / destination any / port any / gateway default (PPPoE VPN)

        Also, added NAT rule for 192.168.254.0/24

        Connecting from Windows works OK, but I cannot surf (like the NAT or something else is not working). What is not working, I don't know. I cannot ping 192.168.254.254 (the server address), but on the pfSense server I see the address when I do an ifconfig.

        On the Windows machine, doing an ipconfig, I have the following result:

        Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . :
                Description . . . . . . . . . . . : SiS 900 PCI Fast Ethernet Adapter
                Physical Address. . . . . . . . . : 00-07-95-C4-FB-24
                Dhcp Enabled. . . . . . . . . . . : No
                IP Address. . . . . . . . . . . . : 192.168.6.1
                Subnet Mask . . . . . . . . . . . : 255.255.255.0
                IP Address. . . . . . . . . . . . : 192.168.0.2
                Subnet Mask . . . . . . . . . . . : 255.255.255.0
                Default Gateway . . . . . . . . . : 192.168.0.1
                DNS Servers . . . . . . . . . . . : 212.93.137.18
                                                    212.93.136.2

        PPP adapter test:

        Connection-specific DNS Suffix  . :
                Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
                Physical Address. . . . . . . . . : 00-53-45-00-00-00
                Dhcp Enabled. . . . . . . . . . . : No
                IP Address. . . . . . . . . . . . : 192.168.254.1
                Subnet Mask . . . . . . . . . . . : 255.255.255.255
                Default Gateway . . . . . . . . . : 192.168.254.1
                DNS Servers . . . . . . . . . . . : 192.168.0.1
                                                    212.93.137.18
                NetBIOS over Tcpip. . . . . . . . : Disabled

        As you can see, IP Address and Default Gateway are the same, which, from my point of view, is a big problem and nothing would ever work like that.

        Actually PPP connections work like that.

        @snfc21:

        Now, tell me what is really wrong, if anyone knows:

        • is it on the Windows computer?
        • the pppoe vpn? (I don't have many settings to play with in the web interface for pppoe server)
        • is it the NAT settings?
        • DHCP?!?!
        • anything else?

        Where should I look?

        It might be that we don't create a NAT entry for that connection by default. Please try the following:
        Firewall>NAT outbound Tab
        Enable advanced outbound nat
        Save
        It will create an outbound NAT entry for the LAN subnet in the table below
        Hit the [+] to the right of that entry to create a copy of that one and change the source to your PPPoE network 192.168.254.0/24
        Save
        Apply

        Does it work now?

        • S
          snfc21 last edited by

          Server address: 192.168.254.254
          Remote address range: 192.168.254.0

          Specify a real remote starting address here; .0 is not valid.

          I have, but upon submitting the form, the remote address range defaults to a class (192.168.254.0), no matter if I specify an address (e.g. 192.168.254.1).

          It might be that we don't create a NAT entry for that connection by default. Please try the following:
          Firewall>NAT outbound Tab
          Enable advanced outbound nat
          Save
          It will create an outbound NAT entry for the LAN subnet in the table below
          Hit the [+] to the right of that entry to create a copy of that one and change the source to your PPPoE network 192.168.254.0/24
          Save
          Apply

          Well, I did something like you said above:

          outbound nat / enable outbound nat
          and afterwards, edited the 192.168.0.0/24 rule (since I won't be needing NAT for this class) and instead of 192.168.0.0/24 put 192.168.254.0/24.
          Anyway, on clicking save, it automatically adds a new rule for 192.168.0.0/24, so I had two functionally identical rules in the end, one for 192.168.0.0/24 and one for 192.168.254.0/24.

          Does it work now?

          It doesn't!

          • A
            aldo last edited by

            Server address: 192.168.254.254
            Remote address range: 192.168.254.0

            I don't know what version you are using, but I think you have a problem with your subnet mask 'pppoe units' in your pppoe configuration.

            192.168.254.0 will be either 24 25 26 27 28 29 30 as a subnet.
            You are better to make a 'pppoe units' of say 192.168.254.128/25 and a gateway of 192.168.254.1.
            The pppoe gateway must lie outside of the 'pppoe units' subnet.

            Post the snip of your pppoe xml. Your problem looks like it is here and I am sure your logs will reinforce this.

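The two checks raised in the replies above (hoba's outbound NAT entry covering the PPPoE client network, and aldo's advice that the server address sit outside the client subnet), written as an added Python example that is not code from the thread or from pfSense. The function name, the finding labels, the /24 prefix on the original range and the 192.168.254.129 client address are assumptions made for illustration.

```python
import ipaddress


def audit_pppoe_plan(server, client_pool, nat_sources, user_ips=()):
    """Return findings for a PPPoE server addressing plan (hypothetical helper).

    server      -- PPPoE server (gateway) address
    client_pool -- client subnet in CIDR form (aldo's 'pppoe units')
    nat_sources -- source networks that have an outbound NAT entry
    user_ips    -- static addresses assigned to PPPoE users
    """
    pool = ipaddress.ip_network(client_pool, strict=False)
    srv = ipaddress.ip_address(server)
    nat_nets = [ipaddress.ip_network(n, strict=False) for n in nat_sources]
    findings = []

    # aldo's check: the server address must lie outside the client subnet.
    if srv in pool:
        findings.append("server-inside-client-pool")

    # hoba's check: the client subnet needs its own outbound NAT source entry.
    if not any(pool.subnet_of(n) for n in nat_nets):
        findings.append("client-pool-not-natted")

    # A static user address must not collide with the server or fall outside the pool.
    for ip in map(ipaddress.ip_address, user_ips):
        if ip == srv:
            findings.append(f"user-ip-equals-server:{ip}")
        elif ip not in pool:
            findings.append(f"user-ip-outside-pool:{ip}")
    return findings


# Scenarios taken from the thread; the /24 and the .129 address are constructed.
LAN_ONLY_NAT = ["192.168.0.0/24"]
BOTH_NAT = ["192.168.0.0/24", "192.168.254.0/24"]

if __name__ == "__main__":
    print("original, LAN-only NAT:",
          audit_pppoe_plan("192.168.254.254", "192.168.254.0/24",
                           LAN_ONLY_NAT, ["192.168.254.1"]))
    print("after adding the NAT entry:",
          audit_pppoe_plan("192.168.254.254", "192.168.254.0/24",
                           BOTH_NAT, ["192.168.254.1"]))
    print("aldo's layout:",
          audit_pppoe_plan("192.168.254.1", "192.168.254.128/25",
                           BOTH_NAT, ["192.168.254.129"]))
```

Under aldo's layout the user's static address 192.168.254.1 would also have to change, since it would then be the server address; the helper reports that case as `user-ip-equals-server`.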