No IP address displayed
-
Ok, I think we have a bit of a miscommunication problem here. A diagram would probably go a long way to help that. I'll try to draw something up this afternoon.
I can well believe that the pfSense VM has a problem if you are using PPPoE directly from its host PC. Why are you doing PPPoE from PC1? The PPPoE session should be in the pfSense WAN interface.
What happens when you try to start pfSense?
You should forget PC2 until you have pfSense running correctly with PC1 and the VMs hosted by PC1. Then add PC2.
If you have any adapters set to type 'NAT' in VBox then you will be bypassing pfSense. All the NAT should be done by pfSense.
pfSense is being run inside a VM like any of the other OSes, they are all just VMs to Vbox.
Steve
-
Ok, I think we have a bit of a miscommunication problem here. A diagram would probably go a long way to help that. I'll try to draw something up this afternoon.
Thanks
I can well believe that the pfSense VM has a problem if you are using PPPoE directly from its host PC. Why are you doing PPPoE from PC1? The PPPoE session should be in the pfSense WAN interface.
I'll use another ISP on the coming early April. The new ISP shall not provide router but an ONT for connecting my PC. The new service will be FTTH Fibre Optic Service, 100MB/100MB.. Therefore I have to provide a router for collecting 2 PCs. PC1 is my daily working PC with 10 VMs running. PC2 is a spare PC also with 10 VMs running. The latter is NOT running round the clock. If I succeed installing/running pfSense as router on PC1 then I don't need purchasing a router. I just plug a Cat5e cable to NIC2 of PC1 and to NIC of PC2 when I use the latter.
What happens when you try to start pfSense?
Nothing special found. I can't use it as router to routing Internet connection to VM of PC1. I haven't tested the VM on PC2. What I noticed was I can start the login page of pfSense on browser of PC2 but unable to login.
You should forget PC2 until you have pfSense running correctly with PC1 and the VMs hosted by PC1. Then add PC2.
OK
If you have any adapters set to type 'NAT' in VBox then you will be bypassing pfSense. All the NAT should be done by pfSense.
pfSense is being run inside a VM like any of the other OSes, they are all just VMs to Vbox.
Noted. Thanks
Rgds
satimis -
Right rather than my usual 'WordCad' effort I thought I'd give gliffy a try. Think I need more practise! ::)
Anyway here's the diagram. I didn't put any IPs or subnets on there since that's up to you really.
I hope you can understand it.Steve
-
Right rather than my usual 'WordCad' effort I thought I'd give gliffy a try. Think I need more practise! ::)
Anyway here's the diagram. I didn't put any IPs or subnets on there since that's up to you really.
I hope you can understand it.Hi,
Thanks for your diagram.
Performed following steps but without result.
Started pfSense```
........
Configuring WAN interface ......
(holding here for a long time but finally done)
Configuring WAN interface done
.....Also holding here for long time``` .... Starting NTP time client .. . Error : Error : hostname nor servname provided, or not known Error : hostname nor servname provided, or not known ....
WAN (wan) -> em1 -> NONE (DHCP)
LAN (lan -> em0 -> 192.168.1.1VM Ubuntu 12.04 desktop
Network -> Adapter 1
Bridged Adapter
eth1 (not eth0)It can ping 192.168.1.1 but unable to ping yahoo.com
Also on browser I can login pfSense
$ sudo ifconfig```
eth0 Link encap:Ethernet HWaddr 08:00:27:10:8c:3d
inet addr:192.168.1.100 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe10:8c3d/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:48 errors:0 dropped:0 overruns:0 frame:0
TX packets:102 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:4344 (4.3 KB) TX bytes:13633 (13.6 KB)lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:84 errors:0 dropped:0 overruns:0 frame:0
TX packets:84 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:5660 (5.6 KB) TX bytes:5660 (5.6 KB)According to following article: Virtualize your router using pfSense and Virtualbox http://www.area536.com/projects/virtualize-your-router-using-pfsense-and-virtualbox/ I further performed following steps: Host ==== $ sudo ifconfig``` eth0 Link encap:Ethernet HWaddr 00:26:18:44:b6:1a inet6 addr: fe80::226:18ff:fe44:b61a/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:1229 errors:0 dropped:0 overruns:0 frame:0 TX packets:1627 errors:0 dropped:0 overruns:0 carrier:1 collisions:0 txqueuelen:1000 RX bytes:883218 (862.5 KiB) TX bytes:324344 (316.7 KiB) Interrupt:18 eth1 Link encap:Ethernet HWaddr 90:f6:52:03:57:86 UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) Interrupt:43 Base address:0x4000 .... ....
eth0 HWaddr 00:26:18:44:b6:1a
MAC 00261844b61aeth1 Link encap:Ethernet HWaddr 90:f6:52:03:57:86
MAC 90f652035786Tried changing following MAC Address on both eth0 and eth1
MAC 00261844b61a/00261844B61A
90f652035786/90F652035786Still the same pfSense can't connect ISP
A side question, how to draw your diagram?
Rgds
satimis -
........ Configuring WAN interface ...... (holding here for a long time but finally done) Configuring WAN interface done .....
Also holding here for long time```
....
Starting NTP time client .. . Error : Error : hostname nor servname provided, or not known
Error : hostname nor servname provided, or not known
....That's expected behaviour as it tries to obtain an IP address via DHCP (and fails) and then tries to get the time from an NTP server (and fails).
WAN (wan) -> em1 -> NONE (DHCP)
LAN (lan -> em0 -> 192.168.1.1Ok, so which adapter is which? Is the router still in it's standard mode, handing out IP address on it's LAN? If so then probably have the interfaces the wrong way around. This worked earlier. You set the interface that is assigned to the pfSense WAN to 'bridged interface' and pfSense recived an IP on its WAN from the router. It was em1 there too though so perahps you have changed the WAN adapter to 'internal' in VBox instead of the LAN.
VM Ubuntu 12.04 desktop
Network -> Adapter 1
Bridged Adapter
eth1 (not eth0)It can ping 192.168.1.1 but unable to ping yahoo.com
Also on browser I can login pfSenseThe Ubuntu VM that we are using to configure pfSense should have only one adapter enabled on it and it should be type 'Internal'. It is shown as any of the VMs I have on PC1 in my diagram. It should be set to use DHCP in Ubuntu so that you can see when it is correctly receiving an IP from pfSense.
It seems likely that you have accidentally set the pfSense VM WAN adapter to internal and the LAN adapter to bridged. In that instance the pfSense LAN would be accessible via a bridged adapter on the Ubuntu VM because they are both bridged to the same physical NIC in the host.
If that is the case you need rectify this by either reassigning the interfaces in pfSense, WAN as em0 and LAN as em1, OR change the adapter types in VBox so the the correct adapters are bridged and internal.
Forget about MAC addresses for now. You may have to spoof the WAN MAC address in pfSense if your ISP requires that
A side question, how to draw your diagram?
I used
giffly.comgliffy.com. The first time I used it hence the colours are at bit odd. Haven't worked out how to change that yet. ::) -
Hi Steve,
pfSense was imported on "pfSense-2.0.3-RELEASE-amd64.ova" download on pfSense website.
Remark:
I'm confused here. Physical NIC-1 (eth0) is onboard (motherboard) and physical NIC-2 (eth1) is a PCI-e Gigabit NIC. On host they are displayed correctly. However on pfSense and VM NIC-1 becomes eth1 and NIC-2 eth0Changed eth0 and eth1 back to their original MAC Addresses. Started pfSense
Adapter 1
Attached to: Bridge
eth0Adapter 2
Attached to: Bridge
eth1VM 12.04 Desktop
Adapter 1
Attached to: Internal Network
Name: intnet$ sudo ifconfig
eth0 Link encap:Ethernet HWaddr 08:00:27:10:8c:3d inet6 addr: fe80::a00:27ff:fe10:8c3d/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:56 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:12394 (12.3 KB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:16 errors:0 dropped:0 overruns:0 frame:0 TX packets:16 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:1312 (1.3 KB) TX bytes:1312 (1.3 KB)
$ ping 192.168.1.1
connect: Network is unreachableI think my problem is pfSense can't establish a second connection to ISP via the virtual NIC. Because Host is already connected to ISP. Seemly second connection is NOT allowed unless behind a physical router.
Other advice noted with thanks.
satimis
-
The pfSense VM needs to have :
Adapter 2
Attached to: Internal Network
Name: intnetThat is the adapter that is then set as the pfSense LAN interface.
Steve
-
The pfSense VM needs to have :
Adapter 2
Attached to: Internal Network
Name: intnetThat is the adapter that is then set as the pfSense LAN interface.
Steve
Performed following steps
pfSense
Adapter 1
Bridge
eth0 (also tried eth1)Adapter 2
Internal Network
intnetWAN still can't connect ISP
WAN (wan) -> em1 -> NONE (DHCP)
LAN (lan) -> em0 -> 192.168.1.1VM Ubuntu
Adapter 1
Bridge
eth1 (also tried eth0)same output;
$ sudo ifconfig```
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:176 errors:0 dropped:0 overruns:0 frame:0
TX packets:176 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:14432 (14.4 KB) TX bytes:14432 (14.4 KB)Rgds satimis
-
You changed the Ubuntu VM adapter type. That has to be Internal also so it can talk to the pfSense LAN.
Do you have the router connected to the physical NIC that is bridged to the pfSense WAN adapter?
Steve
-
You changed the Ubuntu VM adapter type. That has to be Internal also so it can talk to the pfSense LAN.
Have another round
pfSense
Adapter 1
Bridge
eth0Adapter 2
Internal Network
intnetWAN (wan) -> em1 -> NONE (DHCP)
LAN (lan) -> em0 -> 192.168.1.1VM Ubuntu
Adapter 1
Internal Network
intnet$ sudo ifconfig```
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:16 errors:0 dropped:0 overruns:0 frame:0
TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1312 (1.3 KB) TX bytes:1312 (1.3 KB)$ ping 192.168.1.1``` connect: Network is unreachable
pfSense
Adapter 1
Bridge
eth1WAN (wan) -> em1 -> NONE (DHCP)
LAN (lan) -> em0 -> 192.168.1.1VM Ubuntu
Adapter 1
Internal Network
intnet$ sudo ifconfig
eth0 Link encap:Ethernet HWaddr 08:00:27:10:8c:3d inet6 addr: fe80::a00:27ff:fe10:8c3d/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:1 errors:0 dropped:0 overruns:0 frame:0 TX packets:51 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:60 (60.0 B) TX bytes:11704 (11.7 KB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:464 errors:0 dropped:0 overruns:0 frame:0 TX packets:464 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:37760 (37.7 KB) TX bytes:37760 (37.7 KB)
Do you have the router connected to the physical NIC that is bridged to the pfSense WAN adapter?
No. If PC1 is connected behind a router. It worked already, about 2 days ago.
Present connection:
ISP -> Cable Modem -> PC1
Interface - pppoesatimis
-
Hmm, OK. So if both the pfSense LAN and the Ubuntu NIC are on the same internal network then either the DHCP server is not enabled on the pfSense (it would be enabled by default) or the Ubuntu VM is not set to use DHCP.
In your second setup you can see the Ubuntu VM sees the interface as UP but isn't receiving an IP.If you have the router in place then it will hand out an IP to the pfSense WAN and you will be able see immediately if you have the correct adapters assigned to the interfaces.
Steve
-
Hi Steve
The problem is my modem only has 1 IP address to assign. Debian Host is getting this IP address before pfSense starts up. I must sort out this problem first. Secondly login and password are needed for assigning IP address. Where shall I enter them to assign the IP address to pfSense in order to get connection to Internet?
satimis
-
Well you could do that but as you say you need to be able to enter the PPP username/password to pfSense and you can only do that (without resorting to manually editing files) via the webgui. To access the webgui you need to sort out the connection between the pfSense LAN interface and Ubutu VM you're using for administration.
If you put the router back inplace between the modem and PC1 then it will hand out a private IP to pfSense which you will be able to immediately see in the pfSense console. That will make it much easier to determine that you have the LAN interface assigned to the correct VM adapter and that that adapter is configured correctly.Steve
-
Cannot you just add serial port in Virtualbox and use that as console?
-
You could but there's no need to do that you can already access the virtual VGA console. To configure the WAN for PPPoE you pretty much need to do it from the LAN side via the webgui.
Any second opinions on this are welcomed. As I said earlier in the thread I've used VBox only a few times and not recently so most of what I've said here is based on research rather than experience.
Steve
-
Only have ESXi and Hyper-V boxes available ATM, so… afraid I won't be of much help. I kinda don't understand what's the trouble here then. The web GUI does not work with WAN down, or what? If it does not, what's the problem with assigning some static temp IP to WAN meanwhile, just to get it running?
-
There are two issues.
The first is configuring the pfSense WAN interface to connect using PPPoE via a bridged adapter in VBox to the physical NIC and the cable modem. However we havne't yet actually tackled that because of the second issue…
Configuring the pfSense WAN to PPPoE needs (or is very much easier) to be done from the LAN side. Here the LAN interface is connected to an internal virtual network only so we have added an Ubuntu VM on that same network in order to fire up a browser and point it at the pfSense webgui. Currently the Ubuntu VM is not receiving an IP from the pfSense DHCP server. This should be pretty easy to accomplish. It's not helped by the fact that earlier access to the pfSense webgui was established via some accidental bridging route.If you're up for it read back through the thread, try not to shout at the computer to much! ;)
Steve
-
Hi all,
Performed following steps but still fail.
Connection
ISP -> Modem -> PCMake following changes:
Host
/etc/network/interfaces```
The loopback network interface
auto lo
iface lo inet loopbackauto eth0
iface eth0 inet static
#(configure Debian host not using DHCP for the eth0 interface)auto vboxnet0
iface vboxnet0 inet dhcp
#(configure debian host to connect to the pfSence router via the LAN port)pfSense: ====== NIC1 of pfSence host - Adapter 1 - Bridged to eth0\. (also tried eth1/Internal Network) NIC2 Adapter 2 - Host-Only Adapter Name vboxnet0 Reboot Host $ sudo ifconfig``` eth1 Link encap:Ethernet HWaddr 90:f6:52:03:57:86 UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) Interrupt:43 Base address:0xc000 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:24 errors:0 dropped:0 overruns:0 frame:0 TX packets:24 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:1584 (1.5 KiB) TX bytes:1584 (1.5 KiB) vboxnet0 Link encap:Ethernet HWaddr 0a:00:27:00:00:00 inet addr:192.168.56.1 Bcast:192.168.56.255 Mask:255.255.255.0 inet6 addr: fe80::800:27ff:fe00:0/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:54 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:9229 (9.0 KiB)
Started pfSense
.... .... Configuring WAN interface .... starting pppoe link... done ....... Starting NTP time client...Error : hostname nor servname provided, or not known (held here for sometime) WAN (wan) -> pppoe0 -> NONE (PPPoE) LAN (lan) -> em0 -> 192.168.1.1 .... ....
(see attached photo image)
VM Ubuntu 12.04 64bit
Adapter -1
Bridge
eth0Start VM
Warning:```The virtual machine execution may run into an error condition as
described below. We suggest that you take an appropriate
action to avert the error.Bridged interface eth0 is down. Guest will not be able to use
this interface.Details
Error ID: BridgeInterfaceDown
Severity: WarningLogin pfSense (192.168.1.1) Username admin Password pfsense -> Login -> Interfaces -> WAN Description WAN Type PPPoE Username (xxxxxxx) Password (xxxxxx) (check) Block private networks Block bogon networks -> Save Warning``` Interfaces: WAN The WAN configuration has been changed. You must apply the changes in order for them to take effect. Don't forget to adjust the DHCP Server range if needed after applying.
-> Apply Changes
-> Status -> Interfaces -> click (connect)
Still failed (see attached photo image)
According to following document:-
pfSense initial configuration with ADSL WAN
http://www.interspective.net/2012/05/pfsense-initial-configuration-adsl-wan.html.... The first thing you want to do is use a web browser to connect to your old modem / router and set the WAN interface to 'Bridge Mode'. Once you've logged in you will need to find the WAN type....
First I'm not allowed to touch the modem, impossible making change on its settings. Besides there will be no sense using the router to continue this test. My goal is using vRouter (pfSense)
I think my chance of success being remote? I'll buy a new router after switching to the new ISP on the coming April (the current router is on loan).
Rgds
satimis
-
If you are not able to configure the modem in any way, you cannot use pfSense to dial PPPoE. That's pretty much the whole story.
-
If you are not able to configure the modem in any way, you cannot use pfSense to dial PPPoE. That's pretty much the whole story.
Hi,
Thanks for your advice.
I consider not to spend further effort here because less than a month I'll use a new ISP. Then I'll try again before purchasing a new router. I'm subscribing Static IP. I'll make request to the new ISP for changing the settings on their ONT. They'll provide ONT not cable modem for HTTH Optical Fibre Network. My current ISP is not providing Optical Fibre Service.
I have the photo of the ONT attached here which is provided by the new ISP
There are 2 ports. I think I can use them connecting my 2 PCs? But how to assign LAN IP to VMs without a router?
Rgds
satimis