Big Problems with 2wire ADLS modem+Router.
-
Hi people.
This week my ISP told me that i need to change my old modem: DSL modem speedstream 5400, just a modem. My LAN was behind pfsense, DHCP, one vpn to my office, it was very beautiful. Some times i just connect my box and i was at work, didn't need to get there.
Now, i have this 2wire Modem+Router(Model 2701HG-T), which if came with built-in Firewall, wireless, and other cool stuff for someone with no acknowledge of pfsense could say, this is great!!!
Now i don't how to hell i will have my old settings, i cannot disable the firewall from that device, i cannot access my office from my LAN clients, the only one who could access my office is the pfsense box, because i enable some rule to the 2wire firewall, but any of my clients can.
I'm lost, i don't know how is the gateway now or which one i chose? What about my WAN interface? I try to connect my wan interface but i don't get any answer from my ISP.
I disable the DHCP server from the device, but right now my Gateway is 2wire, what can i do to bring everything to normal? do i need tot add each rule to my LAN and NAT or forward to my 2wire gateway?
Someone could point me, what i need to do, or help me understand my case and help me find some path to this?
Thanks all for your time.
P.S. Running pfsense 1.0.1 Release.
-
Can you put the new modem into "Bridged" mode this should turn it into a dumb xDSL -> Ethernet converter. Then you can setup pfSense to do all the hard work like pppoe.
-
Have you tried what the documentation of your 2wire box proposes:
http://www.2wire.com/pages/pdfs/2701_installation_guide.pdfPage 20:
@Router:If the gateway detects the presence of a third-party router, the Router Behind Router error page displays. If
a third-party router is connected to the 2Wire gateway, network instability can result because both devices
are trying to manage private IPs via NAT.
The best solution is to remove the third-party router from your LAN since the 2Wire gateway can manage
your home network. If this option is not acceptable, move the third-party router to DMZPlus Mode by clicking
the Resolve button..and
Note: DMZplus is a special firewall mode that is used for hosting applications. When in
DMZplus mode, the designated computer shares your gateway’s IP address (Router
Address), appears as if it is directly connected to the Internet, has all of the unassigned TCP
and UDP ports opened and pointed to it, and can receive unsolicited network traffic from the
Internet. Because all filtered traffic is forwarded to the designated computer, DMZplus mode
should be used with caution. A computer in DMZplus mode is less secure because all
available ports are open and all incoming Internet traffic is directed to this computer.Then put the pfSense in the DMZ, of course.
You don't seem to be able to put the modem in transparent bridge mode. This would basically degrade it to a media converter from DSL to ethernet.
Why are you required to upgrade your modem to a router? Do you use or plan to use additional services such as VoIP from your provider?
If you didn't change your DSL connection (eg higher speed) then your old modem could still work. -
I change my modem because i already have more than 3 years with this modem, my ISP is changing all the old modems, them maybe today or tomorrow i will have to upgrade, them i decide to try right now, because my mystery was pfsense, i'm testing some boxes, this is the reason, i want to learn how this thing works right now.
Now i start learning this device, thanks to you guys.
My big mystery was router + router + lan???
(2wire) (pfsense)Pfsense use 2 nics WAN + LAN, the LAN NIC is my gateway, now i change my wan from PPPoE to DHCP in pfsense settings, them i move my WAN interface to DMZplus mode inside 2wire settings.
DHCP is working from pfsense, DHCP is disable in 2WIRE.
Now my clients are working like before, i can access my office, my ssh clients, everything back to normal.
Thanks all for your help.
This is my physical network right now, hope u understand my layout. Is correct?
–-------
|--> º º
DSL Line <-- | | pfsense |
| | -- >º BOX º
| | | --------
-------------- | ----------- | |
º º º º <----> PFs-WAN<------| | pfsense LAN NIC
| Internet | <-----> | 2wire | |
º ----------- º º -----------º <----> ----------- |
º lan º<----
| switch |
º º <---> LAN Clients
-----------If i'm doing something wrong please let me know. Thanks all for your time and help, i apreciate your help a lot ;D ;D ;D
-
You shouldn't connect 2wire to the switch directly.
Try a pure serial configuration: 2wire - pfSense - switch
This should work if all is well and no one can access the internet with bypassing pfSense. -
Hey jahonix, the problem i found, is that if i remove the cable from 2wire to my switch i lost my Internet connection and couldn't connect to 2wire settings from my LAN.
Which nic you meant went u say 2wire–-pfsense(LAN or WAN)
My WAN nic where it goes?
Really i still a little confuse with this.
Thanks for your help!!!
-
if i remove the cable from 2wire to my switch i lost my Internet connection and couldn't connect to 2wire settings from my LAN.
Then your pfSenes does not route all the traffic which it should.
Which nic you meant went u say 2wire–-pfsense(LAN or WAN)
Internet - (WAN)2wire(DMZ/LAN) - (WAN)pfSense(LAN) - switch - …
WAN always points to the outside/internet and LAN is local.
With putting pfSense in the DMZ we try to make 2wire as dumb as possible. It wants to be a full blown router but forwards as much as possible to pfSense. The pfSense does firewalling, DHCP etc. for LAN then. -
Hi guys me again.
I have been around trying to put my 2WIRE in bridge mode, i have follow some links specially from dslreports.com, exist there some info about this, the steps doesn't look complex, they are very easy, but i have been trying a lot of times with no success, i put my WAN in PPPoE and nothing happend… :-[ :-[ :-[
I think i will have to deal with DMZ until i found the way to disable the routing stuff from this device or forget about.
Thanks all of you guys for your help :) :) :)
-
I have been using a 2-Wire 2700HG-B in transparent bridge mode for a number of months without problems. I configured bridge mode using the instructions found at DSL reports. Used in load balancing with both a Soekris 4801/pfSense 1.2RC.2 and a Netgear FVS124G.
Remember that the IP of the 2-Wire is hard-coded to 192.168.1.254 in bridge mode. You need to access the MDC pages via the hub on the 2-Wire (they won't be accessible from the LAN).
-
Hi people is me again.
After trying again with my 2WIRE bridge-mode i found the right setting, reading different page from dslreports, everything was right, i just change 1 setting:
After i disable the "Routing" stuff from 2WIRE, i change the "Connection Type" from "Direct IP" to PPPoE, setup my user && password.
After this, DHCP was disable from 2WIRE, i setup my PfsenseWAN to PPPoE… my pfsense box was online!!!
Right now i'm working behind my pfsense, my VPN are working, i can forget about DMZ and all the tricks i have to do to get my box work behind 2WIRE.
The ISP technical people, they know about this but don't have any idea how to get this thing to work, they just told me "Sir, if u do that you loose your warranty, bla bla bla ::) ::) ::)
I test the connection, resetting my box, enabling && disabling the WAN NIC and everything is working.
Well guys thanks all for your help and advised, lets continue with the show ;D ;D ;D
