No IP address displayed
-
Ok, excellent. Remember those settings! :)
So now there are two further problems to be tackled one at a time.
1. Change the WAN connection to PPPoE directly from pfSense.
2. Add a host adapter so the host also uses pfSense as it's internet gateway.Personally I would try to do 1 first but it's up to you. Don't try to do both at the same time though it will only introduce further confusion.
Steve
-
So now there are two further problems to be tackled one at a time.
1. Change the WAN connection to PPPoE directly from pfSense.
2. Add a host adapter so the host also uses pfSense as it's internet gateway.Personally I would try to do 1 first but it's up to you. Don't try to do both at the same time though it will only introduce further confusion.
Ok I'll do step-1 first without changing Adapter 1 and 2 of pfSense. I'll do direct editing on gui pfSense to change DHCP to PPPoE
- How about the devices connection? Still behind the router?
OR
ISP -> Modem -> PC ?- Shall I add the MAC Address of eth0 ?
If unsuccessful I'll add Step-2 which, I suppose, is an addition to Step-1?
I'm not very clear of;
2. Add a host adapter so the host also uses pfSense as it's internet gateway.
Whether add another Adapter to pfSense
Adapter 3
Host-Only Adapter
Name: vboxnet0And edit /etc/network/interfaces of Host as;```
The loopback network interface
auto lo
iface lo inet loopbackauto eth0
iface eth0 inet static
Address 192.168.1.2
Netmask 255.255.255.0
Gateway 192.168.1.1auto vboxnet0
iface vboxnet0 inet dhcpPlease advise. Thanks satimis -
Ok so to do part one, yes, change the pfSense WAN interrface to PPPoE and connect the modem directly the bridged host NIC.
Enter the correct PPP username/password in pfSense. Reboot the modem.
If it doesn't connect check the system and PPP logs in pfSense to see how far it got for clues.For part 2 that's exactly what I would do though when I read through the documentation I wasn't able to fully understand how the 'host only' adapter functions.
In pfSense go to Interfaces: (assign) and click the '+' icon and bottom to add a new interface. It will be OPT1 but you can rename it, say, HOST, if you like. Enable the interface and give it an IP address and subnet, something you're not using anywhere else. Go to Firewall: Rules: OPT1: and add a rule to allow out traffic, use the default allow rule from LAN as a template. Go to Services: DHCP Server: and add a DHCP sever to OPT1. Since you will only ever have one machine in that subnet you could use static IPs instead.Steve
-
Ok so to do part one, yes, change the pfSense WAN interrface to PPPoE and connect the modem directly the bridged host NIC.
Enter the correct PPP username/password in pfSense. Reboot the modem.login gui pfSense
-> WAN
IPv4 Configuration Type PPPoE
IPv6 Configuration Type DHCP6
DHCPv6 Prefix Delegation size 64
Username xxxxx
Password xxxxx(check) Block private networks
(check) Block bogon networks-> Save
-> Apply ChangesAfter a while
Start VM Ubuntu 12.04
$ sudo ifconfig```[sudo] password for satimis:
eth1 Link encap:Ethernet HWaddr 08:00:27:5a:3d:a4
inet addr:192.168.1.100 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe5a:3da4/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1656 errors:0 dropped:0 overruns:0 frame:0
TX packets:1088 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1311226 (1.3 MB) TX bytes:146582 (146.5 KB)lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:504 errors:0 dropped:0 overruns:0 frame:0
TX packets:504 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:38378 (38.3 KB) TX bytes:38378 (38.3 KB)$ ping yahoo.com``` PING yahoo.com (98.139.183.24) 56(84) bytes of data. 64 bytes from ir2.fp.vip.bf1.yahoo.com (98.139.183.24): icmp_req=1 ttl=46 time=254 ms 64 bytes from ir2.fp.vip.bf1.yahoo.com (98.139.183.24): icmp_req=2 ttl=46 time=278 ms 64 bytes from ir2.fp.vip.bf1.yahoo.com (98.139.183.24): icmp_req=3 ttl=46 time=235 msIt works !
I get it connected to ISP !
Reboot pfSense```
WAN (wan) -> pppoe0 -> v4/PPPoE: 2xx.2xx.2xx.1xx/32
LAN (lan) -> em1 -> v4: 192.168.1.1/24It shows the static IP which I subscribe. > If it doesn't connect check the system and PPP logs in pfSense to see how far it got for clues. Whether on pfSense terminal -> 12) pfSense Developer Shell and look for PPP logs there ? > For part 2 that's exactly what I would do though when I read through the documentation I wasn't able to fully understand how the 'host only' adapter functions. > In pfSense go to Interfaces: (assign) and click the '+' icon and bottom to add a new interface. It will be OPT1 but you can rename it, say, HOST, if you like. Enable the interface and give it an IP address and subnet, something you're not using anywhere else. Go to Firewall: Rules: OPT1: and add a rule to allow out traffic, use the default allow rule from LAN as a template. Go to Services: DHCP Server: and add a DHCP sever to OPT1\. Since you will only ever have one machine in that subnet you could use static IPs instead. Interface -> assign click '+' to add a new interface OPT1 -> Save Interfaces -> OPT1 -> (check) Enable Interfaces IPv4 Configuration Type Static IPv4 IPv6 Configuration Type None IPv4 address 192.168.1.8 Gateway None (check) Block private networks (check) Block bogon networks -> Save -> Apply changes -> Firewall -> Rules -> OPT1 -> add new rule Action Pass Interface OPT1 TCP/IP Version IPv4 Protocol TCP - > Save Service -> DHCP server (check) Enable DHCP server on OPT1 interface I was stuck here. What range shall I fill in here avoiding the warning: ???``` The following input errors were detected: The specified range lies outside of the current subnet.Thanks
satimis
-
You have used a /32 subnet mask on OPT1, so there are no other addresses available other than the pfSense OPT1 address. I think (without having read too much of this thread) that yourOPT! is supposed to be a different subnet to LAN, and will connect the host OS through to pfSense.
You need to put a different subnet than on the internal VM-based LAN - e.g. make it the pfSense OPT1 192.168.2.1/24 - then you can make a big (or small) dhcp range, like 192.168.2.10 to 192.168.2.99 -
-> WAN
IPv4 Configuration Type PPPoE
IPv6 Configuration Type DHCP6
DHCPv6 Prefix Delegation size 64
Username xxxxx
Password xxxxxUnless you need to have IPv6 enabled here, and your ISP is supplying it via DHCPv6, I would set WAN IPv6 to 'none'.
$ ping yahoo.com```
PING yahoo.com (98.139.183.24) 56(84) bytes of data.
64 bytes from ir2.fp.vip.bf1.yahoo.com (98.139.183.24): icmp_req=1 ttl=46 time=254 ms
64 bytes from ir2.fp.vip.bf1.yahoo.com (98.139.183.24): icmp_req=2 ttl=46 time=278 ms
64 bytes from ir2.fp.vip.bf1.yahoo.com (98.139.183.24): icmp_req=3 ttl=46 time=235 msIt works ! I get it connected to ISP !Nice! :)
-> 12) pfSense Developer Shell
and look for PPP logs there ?Nope the PPP logs can be found via the webgui. Status: System Logs: PPP tab.
However I wouldn't worry about that because you have managed to connect successfully, the logs will just detail the connection succeeding.Interfaces -> OPT1 -> (check) Enable Interfaces
IPv4 Configuration Type Static IPv4
IPv6 Configuration Type NoneIPv4 address 192.168.1.8
Gateway None
(check) Block private networks
(check) Block bogon networksLike Phil has pointed out you are already using the 192.168.1.X subnet for LAN. You need to use something like 192.168.2.X.
The Block bogon and private network boxes should be unchecked.-> Firewall -> Rules -> OPT1
-> add new rule
Action Pass
Interface OPT1
TCP/IP Version IPv4
Protocol TCPWhat did you put for the source and destination? Can we get a screenshot of this rule please.
Steve
-
Hi Steve,
I don't know what has happened here. I'm now posting from another PC (PC2)
After lunch I turned on PC1 but couldn't get VM connected Internet again. I have spent 2 hrs and couldn't figure out the problem.
I have 2 pfSense installed on PC1, but not running at the same time. Both of them worked before Lunch. I have not changed any config nor cabling.
pfSense2.1
pfSense2.11 (adding OPT1)Now after starting
pfSense2.1
WAN -> em0 -> pppoe
LAN -> em1 -> 192.168.1.1/24pfSense2.11
WAN -> em0 -> v4: xxx.xxx.xxx.xxxx/30 (static IP)
LAN -> em1 -> v4: 192.168.1.1/24
OPT1 -> em0 -> v4: xxx.xxx.xxx.xxxx/30 (static IP)VM can login gui pfSense but unable to connect Internet.
It is very strange to me.
satimis
-
Did you reboot the modem? It will usually only allow connection from one MAC address. Depending on how that is configured it may see it as the physical NIC MAC or some MAC auto generated by VBox. You usually have to reboot the modem to get it to talk to a new device. Possibly the auto generated MAC changed when you rebooted PC1.
Steve
-
I couldn't figure out what has happened here. The only way for me to reboot the modem is to switch off and on its power supply. I have done that multiple times.
I also suspect the problem coming from the vNIC? So I did following test on PC1:
- Config Host /etc/network/interfaces to connect pppoe
- Cable connection: ISP -> Modem -> PC1
- Reboot PC
- "pon dsl-provider", PC1 connects ISP. Host can browse Internet without problem
- Set VM
Adapter 1
NAT - Start VM. It connects Internet without browsing problem.
Reconfig Host /etc/network/interfaces not to establish connection at boot. Switch off/on modem and rebooted PC.
Created another pfSense, naming it pfSense2.12 and config pppoe. It re-starts without problem showing connecting ISP on terminal:
WAN (wan) -> pppoe0 -> v4 xxx.xxx.xxx.xxx (Static IP Address)
LAN (lan) -> em1 -> v4: 192.168.1.1/24Start VM
Adapter 1
Internal Network
intnetIt can't browse Internet
On pfSense Dashboard
It shows Static IP but not inside the box. ISP nameservers are displayed.
(Please see image attached)If connection can't be established the Static IP will not be displayed on Dashboard
(please see image attached)
-
Hmm, have you always been using a static IP with the PPPoe connection? That's unusual.
If the PPPoE connection is not established then I would not expect to see anything in the box. The software cannot query the IP address of a connection that doesn't exist.Steve
-
Hmm, have you always been using a static IP with the PPPoe connection? - snip -
In daily operation the connection is behind a router;
ISP -> Modem -> Router -> PC
assign Static IP automatically.
Direct connection;
ISP -> Modem -> PCon Static IP is for testing only to check whether the vNIC is working properly.
What I can't understand is on pfSense terminal it shows connecting ISP. But VM can't connect Internet.
satimis
-
So can the pfSense VM connect to the internet when that is shown?
Diagnostics: Ping:Steve
-
So can the pfSense VM connect to the internet when that is shown?
Diagnostics: Ping:Yes, I can ping yahoo.com there and other IP adresses as well.
IT IS VERY FUNNY TO ME !!!
I found out the cause of problem. It is the static LAN IP Address assigned to VM by me.
There are 2 Ubuntu12.04 VMs, say VM1 and VM2, for this test. After starting pfSense, it assigned 192.168.1.102 and 192.168.1.103 to VM1 and VM2 respectively.
Then I edited
VM1 (/etc/network/interfaces)```auto lo
iface lo inet loopbackauto eth0
iface eth0 inet static
address 192.168.1.102
netmask 255.255.255.0
gateway 192.168.1.1VM2 (/etc/network/interfaces)``` auto lo iface lo inet loopback auto eth0 iface eth0 inet static address 192.168.1.103 netmask 255.255.255.0 gateway 192.168.1.1Rebooted both VMs making sure they work. "sudo ifconfig" showed the correct LAN IP address.
After lunch I started pfSense and was not aware a new range of LAN IP created.
After deleling```
auto eth0
iface eth0 inet static
address 192.168.1.102/192.168.1.103
netmask 255.255.255.0
gateway 192.168.1.1on their /etc/network/interfaces, rebooted both VMs. Now they can browse Internet. VM1 - ifconfig``` eth1 Link encap:Ethernet HWaddr 08:00:27:5a:3d:a4 inet addr:192.168.1.10 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::a00:27ff:fe5a:3da4/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:216 errors:0 dropped:0 overruns:0 frame:0 TX packets:176 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:52802 (52.8 KB) TX bytes:20666 (20.6 KB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:82 errors:0 dropped:0 overruns:0 frame:0 TX packets:82 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:7778 (7.7 KB) TX bytes:7778 (7.7 KB)VM2 - ifconfig```
eth0 Link encap:Ethernet HWaddr 08:00:27:10:8c:3d
inet addr:192.168.1.11 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe10:8c3d/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1189 errors:0 dropped:0 overruns:0 frame:0
TX packets:1215 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1161881 (1.1 MB) TX bytes:248401 (248.4 KB)lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:196 errors:0 dropped:0 overruns:0 frame:0
TX packets:196 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:31707 (31.7 KB) TX bytes:31707 (31.7 KB)Why VM1 uses eth1 and VM2 eth0? Not both eth0? Please advise how to fix the range of LAN IP assigned? How to fix only assigning eth0? Before proceed OPT1 Thanks satimis -
192.168.1.10 and .11 are what I would expect the pfSense DHCP server to hand out. The .102 and .103 addresses are much higher in range, did you enter those manually?
I don't know why VM1 is using eth1 but it implies it must have two virtual NICs assigned to it in VBox. Presumably one of those adapters is set as some other type. It should have only one adapter that is set as Internal Network.
Steve
-
192.168.1.10 and .11 are what I would expect the pfSense DHCP server to hand out. The .102 and .103 addresses are much higher in range, did you enter those manually?
I couldn't recall exactly on configuring pfSense. I have been asked to input subnet range. But none of the range input was accepted. Then I continued.
I'll reconfigure a pfSense later please advise how to fill in the subnet range? Thanks
I don't know why VM1 is using eth1 but it implies it must have two virtual NICs assigned to it in VBox. Presumably one of those adapters is set as some other type. It should have only one adapter that is set as Internal Network.
Just I start the 3rd VM(LinuxMint16)
$ sudo ifconfig```eth0 Link encap:Ethernet HWaddr 08:00:27:0a:75:b9
inet addr:192.168.1.12 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe0a:75b9/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:20 errors:0 dropped:0 overruns:0 frame:0
TX packets:106 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2559 (2.5 KB) TX bytes:17153 (17.1 KB)lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:24 errors:0 dropped:0 overruns:0 frame:0
TX packets:24 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1983 (1.9 KB) TX bytes:1983 (1.9 KB)Started 4th VM(Ubuntu12.04) $ sudo ifconfig``` eth2 Link encap:Ethernet HWaddr 08:00:27:6c:ae:ac inet addr:192.168.1.13 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::a00:27ff:fe6c:aeac/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:71 errors:0 dropped:0 overruns:0 frame:0 TX packets:136 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:29464 (29.4 KB) TX bytes:17288 (17.2 KB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:22 errors:0 dropped:0 overruns:0 frame:0 TX packets:22 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:1905 (1.9 KB) TX bytes:1905 (1.9 KB)I'm most concerned how to set Static IP if the ethX port continues changing?
satimis
-
Hmm, that does seem odd. Those VMs only have a single adapter assigned to each?
At least the pfSense DHCP server is handing out consecutive IPs in the correct order and range so you know that's configured correctly. ;)Steve
-
Hmm, that does seem odd. Those VMs only have a single adapter assigned to each?
At least the pfSense DHCP server is handing out consecutive IPs in the correct order and range so you know that's configured correctly. ;)Noted. Thanks
Continue OPT1
Interfaces -> OPT1 -> (check) Enable Interfaces
IPv4 Configuration Type Static IPv4
IPv6 Configuration Type NoneIPv4 address 192.168.2.1 / 30
Gateway None
(uncheck) Block private networks
(uncheck) Block bogon networks-> Save -> Apply Changes
Firewall
-> Rules-> add new rule
Firewall: Rules: Edit
Action Pass
Interface OPT1
TCP/IP Version IPv4
Protocol TCP
Description blank
-> Save - Apply Changes
(see screenshot)Services
-> DHCP server
-> OPT1(check) Enable DHCP server on OPT1 interface
(Available range 192.168.2.1 - 192.168.2.2 )(default)
Range 192.168.2.1 to 192.168.2.2-> Save -> Apply Change
(see screenshot)How to connect PC2?
satimis
-
The dhcp range should not include the opt1 interface address. I'm surprised pfSense allowed you to choose that. If it hands out 192.168.2.1 to the host it won't be to connect as it will have the same address! Try using only .2.2 or switch to a /29 and use, say, 2.2-2.6.
Steve
-
The dhcp range should not include the opt1 interface address. I'm surprised pfSense allowed you to choose that. If it hands out 192.168.2.1 to the host it won't be to connect as it will have the same address! Try using only .2.2 or switch to a /29 and use, say, 2.2-2.6.
Re-edit:
OPT1
Static IPv4 configuration
IPv4 address
change to: 192.168.2.2 /29
-> Save -> Apply changesTurn off pfSense
Set
Adapter 3
Host-only Adapter
vboxnet0Start pfSense
WAN (wan) -> pppoe1 -> v4/PPPoE: xxx.xxx.xxx.xxx./32
LAN (lan) -> em1 -> v4: 192.168.1.1/24
OPT1 (opt1) -> v4: 192.168.2.2/29On Host run;
$ sudo /etc/init.d/networking restart```[....] Running /etc/init.d/networking restart is deprecated because it may not r[warnble some interfaces ... (warning).
[....] Reconfiguring network interfaces...Internet Systems Consortium DHCP Client 4.2.2
Copyright 2004-2011 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/Listening on LPF/vboxnet0/0a:00:27:00:00:00
Sending on LPF/vboxnet0/0a:00:27:00:00:00
Sending on Socket/fallback
DHCPRELEASE on vboxnet0 to 192.168.56.100 port 67
Plugin rp-pppoe.so loaded.
Internet Systems Consortium DHCP Client 4.2.2
Copyright 2004-2011 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/Listening on LPF/vboxnet0/0a:00:27:00:00:00
Sending on LPF/vboxnet0/0a:00:27:00:00:00
Sending on Socket/fallback
DHCPDISCOVER on vboxnet0 to 255.255.255.255 port 67 interval 5
DHCPREQUEST on vboxnet0 to 255.255.255.255 port 67
DHCPOFFER from 192.168.56.100
DHCPACK from 192.168.56.100
bound to 192.168.56.101 -- renewal in 575 seconds.
done.$ ping yahoo.com ping: unknown host yahoo.com $ ping 192.168.1.1 connect: Network is unreachable $ ping 192.168.2.2 connect: Network is unreachable $ cat /etc/network/interfacesauto lo
iface lo inet loopbackauto eth0
iface eth0 inet manualauto dsl-provider
iface dsl-provider inet ppp
pre-up /sbin/ifconfig eth0 up # line maintained by pppoeconf
provider dsl-providerauto vboxnet0
iface vboxnet0 inet dhcpOn pfSense ping 192.168.56.100/192.168.56.101 100% pocket loss VM Ubuntu 12.04 $ sudo ifconfig``` eth1 Link encap:Ethernet HWaddr 08:00:27:5a:3d:a4 inet addr:192.168.1.100 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::a00:27ff:fe5a:3da4/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:4840 errors:0 dropped:0 overruns:0 frame:0 TX packets:4138 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:4620611 (4.6 MB) TX bytes:917984 (917.9 KB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:408 errors:0 dropped:0 overruns:0 frame:0 TX packets:408 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:63253 (63.2 KB) TX bytes:63253 (63.2 KB)This time pfSense assigns "eth1 …. inet addr:192.168.1.100 ..."
satimis
-
Hmm, well as I said earlier the presence of 192.168.56.X shows that VBox is NATing the connection somehow and handing out its own IPs. I could have misunderstood the use of the 'host only adapter'. Perhaps another adapter type is better suited to this or it needs further configuration. Hmm, more reading needed!
I'm not sure why pfSense would be handing out addresses like .100. It could be that the client is specifically asking for it and that the DHCP server remembers what address it handed to that MAC last time.
I have no idea why the VMs interfaces are being recognised as eth1-3 etc. If they have only one adapter assigned to them in VBox they should recognise that as eth0.Steve
