No IP address displayed

doktornotor

If you are not able to configure the modem in any way, you cannot use pfSense to dial PPPoE. That's pretty much the whole story.

satimis

@doktornotor:

If you are not able to configure the modem in any way, you cannot use pfSense to dial PPPoE. That's pretty much the whole story.

Hi,

Thanks for your advice.

I consider not to spend further effort here because less than a month I'll use a new ISP.  Then I'll try again before purchasing a new router.  I'm subscribing Static IP.  I'll make request to the new ISP for changing the settings on their ONT.  They'll provide ONT not cable modem for HTTH Optical Fibre Network.  My current ISP is not providing Optical Fibre Service.

I have the photo of the ONT attached here which is provided by the new ISP

There are 2 ports.  I think I can use them connecting my 2 PCs?  But how to assign LAN IP to VMs without a router?

Rgds
satimis

stephenw10

You don't need to put your router in bridge mode because you have a separate modem and router. You have removed the router entirely leaving just the modem which expects to see a PPPoE connection.

Here's the think though. You are making this far more difficult than it needs to be by trying to do everything at once. The way to solve problems like this is to do in one step at a time. Right now you're trying to solve the PPPoE connection, the connection to the host and connection to the Ubuntu VM simultaneously. You are also changing many things between each post so that diagnosing what effect the changed have had becomes far more difficult.

The 192.168.56.X address given by the host only adapter to the host is an address given out by VBox when it's NATing. You probably don't want that.

Here's what I would do:
Solve one thing at a time. So first I would setup the connection between the pfSense VM and the Ubuntu administration VM.
Please put the router back in place so that it's handing out IPs. Setup the pfSense VM with two adapters as you did before:

pfSense
Adapter 1
Bridge
eth0

Adapter 2
Internal Network
intnet

Set the pfSense WAN interface to DHCP. It should receive an IP address on the WAN from the router. Now you know you have the correct adapter assigned to the WAN.

Set the Ubuntu VM adapter to:

Adapter 1
Internal Network
intnet

Set Ubuntu to use DHCP. Now it should receive an IP address from the pfSense DHCP server. If it does not we will try to solve that first before doing anything else. We need that connection work.

Steve

satimis

@stephenw10:

• snip -

Please put the router back in place so that it's handing out IPs. Setup the pfSense VM with two adapters as you did before:

pfSense
Adapter 1
Bridge
eth0

Adapter 2
Internal Network
intnet

Set the pfSense WAN interface to DHCP. It should receive an IP address on the WAN from the router. Now you know you have the correct adapter assigned to the WAN.

Set the Ubuntu VM adapter to:

Adapter 1
Internal Network
intnet

Set Ubuntu to use DHCP. Now it should receive an IP address from the pfSense DHCP server. If it does not we will try to solve that first before doing anything else. We need that connection work.

Set connection as advised;

ISP -> Modem -> Router -> PC

also set config as advised.

Started pfSense followed by VM

Login gui pfSense
Wan -> DHCP
-> Applied changes

Status -> Interfaces
Status  down
DHCP  down [renew] (no function on clicking)

Rebooted pfSense, it held here;```

.....
Do you want tp set VLANs [y|n] em1: DAD detected duplicate IPv6 address
fe80:2::226:10ff:fe44:b61a: NS in/out=0/1 NA in=1
em1: DAD complete for fe80:2::226:10ff:fe44:b61a - duplicate found
em1: manual intervention required
em1: possible hardware address duplication detected,l disable IPv6

Edit:
===
Host
/etc/network/interfaces```

# The loopback network interface
auto lo
iface lo inet loopback

satimis

stephenw10

Ok, well we have some new information at least!
That duplicated IPv6 address is probably because both the pfSense WAN and the Host, PC1, are requesting addresses using the same MAC address. They share the same physical MAC. I'm unsure why that didn't happen before. There is probably a work around by spoofing the MAC but if you don't need IPv6 you can just go to Interfaces: WAN: and set the IPv6 configuration type to 'none'. I assume you had set that to DHCP. Obviously leave the IPv4 type as DHCP.

So you had no problem connecting to the LAN from the Ubuntu VM? Did it receive an IP from the pfSense DHCP server? You can check it in Status: DHCP leases:

Steve

satimis

On Host before firing up pfSense

$ sudo ifconfig```

eth0      Link encap:Ethernet  HWaddr 00:26:18:44:b6:1a 
          inet addr:192.168.0.10  Bcast:192.168.0.255  Mask:255.255.255.0
          inet6 addr: fe80::226:18ff:fe44:b61a/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:231980 errors:0 dropped:0 overruns:0 frame:0
          TX packets:144575 errors:0 dropped:0 overruns:0 carrier:1
          collisions:0 txqueuelen:1000
          RX bytes:322513726 (307.5 MiB)  TX bytes:13891455 (13.2 MiB)
          Interrupt:18

eth1      Link encap:Ethernet  HWaddr 90:f6:52:03:57:86 
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
          Interrupt:43 Base address:0x4000

lo        Link encap:Local Loopback 
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:8 errors:0 dropped:0 overruns:0 frame:0
          TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:480 (480.0 B)  TX bytes:480 (480.0 B)

> That duplicated IPv6 address is probably because both the pfSense WAN and the Host, PC1, are requesting addresses using the same MAC address. They share the same physical MAC. I'm unsure why that didn't happen before. There is probably a work around by spoofing the MAC but if you don't need IPv6 you can just go to Interfaces: WAN: and set the IPv6 configuration type to 'none'. I assume you had set that to DHCP. Obviously leave the IPv4 type as DHCP.

Before changing pppoe back to DHCP I have put the MAC Address of eth0 "00:26:18:44:b6:1a" there (IIRC).  During changing pppoe to DHCP I deleted that MAC Address.

Now I couldn't start pfSense anymore it was held on;```

.....
Do you want tp set VLANs [y|n] em1: DAD detected duplicate IPv6 address
fe80:2::226:10ff:fe44:b61a: NS in/out=0/1 NA in=1
em1: DAD complete for fe80:2::226:10ff:fe44:b61a - duplicate found
em1: manual intervention required
em1: possible hardware address duplication detected,l disable IPv6

satimis

stephenw10

So you tried disabling DHCPv6?

At that screen you should still be able to answer 'N' to the VLANs question and continue the pfSense setup. The duplicate IP warning is just informational. It shouldn't stop you continuing.

Steve

satimis

@stephenw10:

So you tried disabling DHCPv6?

At that screen you should still be able to answer 'N' to the VLANs question and continue the pfSense setup. The duplicate IP warning is just informational. It shouldn't stop you continuing.

I was stuck there.  Actually I was not allowed to keyin any imput.  All were done automatically eversince starting pfSense.

This version of pfSense was imported on pfSense-2.0.3-RELEASE-amd64.ova download on Internet.  Would this .ova have problem?

I also have pfSense-LiveCD-2.1-RELEASE-amd64.iso.gz download.  I can create another VM installing this version.

satimis

satimis

Hi Steve

Created another pfSense VM (name=pfSense2.1) on pfSense-LiveCD-2.1-RELEASE-amd64.iso.gz download on pfSense site.

pfSense2.1
========
Adapter 1
Bridge
eth0

Adapter 2
Internal Network
intnet

VM Ubuntu 12.04
==============
Adapter 1
Internal Network
intnet

This time it works
–-------------------
Fire up pfSense2.1

WAN (wan)  -> em0  -> v4/DHCP4: 192.168.0.15/24
LAN (lan)  -> em1  -> v4: 192.168.1.1/24

WAN gets DHCP on physical Router

Start VM

$ sudo ifconfig```

eth1      Link encap:Ethernet  HWaddr 08:00:27:5a:3d:a4 
          inet addr:192.168.1.101  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::a00:27ff:fe5a:3da4/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:12104 errors:0 dropped:0 overruns:0 frame:0
          TX packets:10357 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:13944700 (13.9 MB)  TX bytes:1169137 (1.1 MB)

lo        Link encap:Local Loopback 
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:1627 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1627 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:226777 (226.7 KB)  TX bytes:226777 (226.7 KB)

VM obtains IP on pfSense2.1

I can login pfSense2.1 on VM

satimis

stephenw10

Ok, excellent. Remember those settings!  :)

So now there are two further problems to be tackled one at a time.
1. Change the WAN connection to PPPoE directly from pfSense.
2. Add a host adapter so the host also uses pfSense as it's internet gateway.

Personally I would try to do 1 first but it's up to you. Don't try to do both at the same time though it will only introduce further confusion.

Steve

satimis

@stephenw10:

So now there are two further problems to be tackled one at a time.
1. Change the WAN connection to PPPoE directly from pfSense.
2. Add a host adapter so the host also uses pfSense as it's internet gateway.

Personally I would try to do 1 first but it's up to you. Don't try to do both at the same time though it will only introduce further confusion.

Ok I'll do step-1 first without changing Adapter 1 and 2 of pfSense.  I'll do direct editing on gui pfSense to change DHCP to PPPoE

1. How about the devices connection?  Still behind the router?

OR
ISP -> Modem -> PC ?

2. Shall I add the MAC Address of eth0 ?

If unsuccessful I'll add Step-2 which, I suppose, is an addition to Step-1?

I'm not very clear of;

2. Add a host adapter so the host also uses pfSense as it's internet gateway.

Whether add another Adapter to pfSense
Adapter 3
Host-Only Adapter
Name: vboxnet0

And edit /etc/network/interfaces of Host as;```

The loopback network interface

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
Address  192.168.1.2
Netmask  255.255.255.0
Gateway  192.168.1.1

auto vboxnet0
iface vboxnet0 inet dhcp

Please advise.  Thanks

satimis

stephenw10

Ok so to do part one, yes, change the pfSense WAN interrface to PPPoE and connect the modem directly the bridged host NIC.
Enter the correct PPP username/password in pfSense. Reboot the modem.
If it doesn't connect check the system and PPP logs in pfSense to see how far it got for clues.

For part 2 that's exactly what I would do though when I read through the documentation I wasn't able to fully understand how the 'host only' adapter functions.
In pfSense go to Interfaces: (assign) and click the '+' icon and bottom to add a new interface. It will be OPT1 but you can rename it, say, HOST, if you like. Enable the interface and give it an IP address and subnet, something you're not using anywhere else. Go to Firewall: Rules: OPT1: and add a rule to allow out traffic, use the default allow rule from LAN as a template. Go to Services: DHCP Server: and add a DHCP sever to OPT1. Since you will only ever have one machine in that subnet you could use static IPs instead.

Steve

satimis

@stephenw10:

Ok so to do part one, yes, change the pfSense WAN interrface to PPPoE and connect the modem directly the bridged host NIC.
Enter the correct PPP username/password in pfSense. Reboot the modem.

login gui pfSense

-> WAN
IPv4 Configuration Type  PPPoE
IPv6 Configuration Type  DHCP6
DHCPv6 Prefix Delegation size  64
Username  xxxxx
Password  xxxxx

(check)  Block private networks
(check)  Block bogon networks

-> Save
-> Apply Changes

After a while

Start VM Ubuntu 12.04
$ sudo ifconfig```

[sudo] password for satimis:
eth1      Link encap:Ethernet  HWaddr 08:00:27:5a:3d:a4 
          inet addr:192.168.1.100  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::a00:27ff:fe5a:3da4/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1656 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1088 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:1311226 (1.3 MB)  TX bytes:146582 (146.5 KB)

lo        Link encap:Local Loopback 
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:504 errors:0 dropped:0 overruns:0 frame:0
          TX packets:504 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:38378 (38.3 KB)  TX bytes:38378 (38.3 KB)

$ ping yahoo.com```

PING yahoo.com (98.139.183.24) 56(84) bytes of data.
64 bytes from ir2.fp.vip.bf1.yahoo.com (98.139.183.24): icmp_req=1 ttl=46 time=254 ms
64 bytes from ir2.fp.vip.bf1.yahoo.com (98.139.183.24): icmp_req=2 ttl=46 time=278 ms
64 bytes from ir2.fp.vip.bf1.yahoo.com (98.139.183.24): icmp_req=3 ttl=46 time=235 ms

It works !

I get it connected to ISP !

Reboot pfSense```

WAN (wan)  -> pppoe0  -> v4/PPPoE: 2xx.2xx.2xx.1xx/32
LAN (lan)  -> em1  -> v4: 192.168.1.1/24

It shows the static IP which I subscribe.

> If it doesn't connect check the system and PPP logs in pfSense to see how far it got for clues.

Whether on pfSense terminal

-> 12) pfSense Developer Shell
and look for PPP logs there ?

> For part 2 that's exactly what I would do though when I read through the documentation I wasn't able to fully understand how the 'host only' adapter functions.
> In pfSense go to Interfaces: (assign) and click the '+' icon and bottom to add a new interface. It will be OPT1 but you can rename it, say, HOST, if you like. Enable the interface and give it an IP address and subnet, something you're not using anywhere else. Go to Firewall: Rules: OPT1: and add a rule to allow out traffic, use the default allow rule from LAN as a template. Go to Services: DHCP Server: and add a DHCP sever to OPT1\. Since you will only ever have one machine in that subnet you could use static IPs instead.

Interface -> assign
click '+' to add a new interface OPT1
-> Save

Interfaces -> OPT1 -> (check) Enable Interfaces
IPv4 Configuration Type  Static IPv4
IPv6 Configuration Type  None

IPv4 address  192.168.1.8
Gateway  None
(check)  Block private networks
(check)  Block bogon networks
-> Save -> Apply changes

-> Firewall -> Rules -> OPT1
-> add new rule
Action  Pass
Interface  OPT1
TCP/IP Version  IPv4
Protocol  TCP
- > Save

Service -> DHCP server
(check) Enable DHCP server on OPT1 interface

I was stuck here.

What range shall I fill in here avoiding the warning: ???```

The following input errors were detected:
The specified range lies outside of the current subnet.

Thanks

satimis

phil.davis

You have used a /32 subnet mask on OPT1, so there are no other addresses available other than the pfSense OPT1 address. I think (without having read too much of this thread) that yourOPT! is supposed to be a different subnet to LAN, and will connect the host OS through to pfSense.
You need to put a different subnet than on the internal VM-based LAN - e.g. make it the pfSense OPT1 192.168.2.1/24 - then you can make a big (or small) dhcp range, like 192.168.2.10 to 192.168.2.99

stephenw10

@satimis:

-> WAN
IPv4 Configuration Type  PPPoE
IPv6 Configuration Type  DHCP6
DHCPv6 Prefix Delegation size  64
Username  xxxxx
Password  xxxxx

Unless you need to have IPv6 enabled here, and your ISP is supplying it via DHCPv6, I would set WAN IPv6 to 'none'.

@satimis:

$ ping yahoo.com```

PING yahoo.com (98.139.183.24) 56(84) bytes of data.
64 bytes from ir2.fp.vip.bf1.yahoo.com (98.139.183.24): icmp_req=1 ttl=46 time=254 ms
64 bytes from ir2.fp.vip.bf1.yahoo.com (98.139.183.24): icmp_req=2 ttl=46 time=278 ms
64 bytes from ir2.fp.vip.bf1.yahoo.com (98.139.183.24): icmp_req=3 ttl=46 time=235 ms

It works !

I get it connected to ISP !

Nice!  :)

@satimis:

-> 12) pfSense Developer Shell
and look for PPP logs there ?

Nope the PPP logs can be found via the webgui. Status: System Logs: PPP tab.
However I wouldn't worry about that because you have managed to connect successfully, the logs will just detail the connection succeeding.

@satimis:

Interfaces -> OPT1 -> (check) Enable Interfaces
IPv4 Configuration Type  Static IPv4
IPv6 Configuration Type  None

IPv4 address  192.168.1.8
Gateway  None
(check)  Block private networks
(check)  Block bogon networks

Like Phil has pointed out you are already using the 192.168.1.X subnet for LAN. You need to use something like 192.168.2.X.
The Block bogon and private network boxes should be unchecked.

@satimis:

-> Firewall -> Rules -> OPT1
-> add new rule
Action  Pass
Interface  OPT1
TCP/IP Version  IPv4
Protocol  TCP

What did you put for the source and destination? Can we get a screenshot of this rule please.

Steve

satimis

Hi Steve,

I don't know what has happened here.  I'm now posting from another PC (PC2)

After lunch I turned on PC1 but couldn't get VM connected Internet again.  I have spent 2 hrs and couldn't figure out the problem.

I have 2 pfSense installed on PC1, but not running at the same time.  Both of them worked before Lunch.  I have not changed any config nor cabling.

pfSense2.1
pfSense2.11 (adding OPT1)

Now after starting
pfSense2.1
WAN -> em0 -> pppoe
LAN -> em1 -> 192.168.1.1/24

pfSense2.11
WAN -> em0 ->  v4: xxx.xxx.xxx.xxxx/30 (static IP)
LAN -> em1 ->  v4: 192.168.1.1/24
OPT1 -> em0 -> v4: xxx.xxx.xxx.xxxx/30 (static IP)

VM can login gui pfSense but unable to connect Internet.

It is very strange to me.

satimis

stephenw10

Did you reboot the modem? It will usually only allow connection from one MAC address. Depending on how that is configured it may see it as the physical NIC MAC or some MAC auto generated by VBox. You usually have to reboot the modem to get it to talk to a new device. Possibly the auto generated MAC changed when you rebooted PC1.

Steve

satimis

I couldn't figure out what has happened here.  The only way for me to reboot the modem is to switch off and on its power supply.  I have done that multiple times.

I also suspect the problem coming from the vNIC?  So I did following test on PC1:

1. Config Host /etc/network/interfaces to connect pppoe
2. Cable connection: ISP -> Modem -> PC1
3. Reboot PC
4. "pon dsl-provider", PC1 connects ISP.  Host can browse Internet without problem
5. Set VM
   Adapter 1
   NAT
6. Start VM.  It connects Internet without browsing problem.

Reconfig Host /etc/network/interfaces not to establish connection at boot.  Switch off/on modem and rebooted PC.

Created another pfSense, naming it pfSense2.12 and config pppoe.  It re-starts without problem showing connecting ISP on terminal:
WAN (wan)  -> pppoe0  -> v4 xxx.xxx.xxx.xxx (Static IP Address)
LAN (lan)  -> em1  -> v4:  192.168.1.1/24

Start VM
Adapter 1
Internal Network
intnet

It can't browse Internet

On pfSense Dashboard
It shows Static IP but not inside the box.  ISP nameservers are displayed.
(Please see image attached)

If connection can't be established the Static IP will not be displayed on Dashboard
(please see image attached)

stephenw10

Hmm, have you always been using a static IP with the PPPoe connection? That's unusual.
If the PPPoE connection is not established then I would not expect to see anything in the box. The software cannot query the IP address of a connection that doesn't exist.

Steve

satimis

@stephenw10:

Hmm, have you always been using a static IP with the PPPoe connection? - snip -

In daily operation the connection is behind a router;

ISP -> Modem -> Router -> PC

assign Static IP automatically.

Direct connection;
ISP -> Modem -> PC

on Static IP is for testing only to check whether the vNIC is working properly.

What I can't understand is on pfSense terminal it shows connecting ISP.  But VM can't connect Internet.

satimis