Alix - pfsense problem, connecting to internet using an ADSL 1/2 bridge modem

  • Can anybody hep with this problem, I can connect to internet when the WAN is connected through a router, obvoiusly I am routing twice, but when I connect the same WAN port to the ADSL 1/2 bridge modem I get no internet.

    When I use a cheap TPLink router or my Laptop to the same 1/2 bridge modem's LAN port, I get the public IP passed through to the device connected and I can connect to internet and traffic flows.

    When I connect using the Alix, I get the public IP OK but no traffic flows, it probably needs a rule or something but I am stumped as to what.

  • Netgate Administrator

    How are you testing the connectivity?
    When the pfSense box has a public IP can you ping external addresses either from the console or the webgui?
    If you can't what's the exact error given?


  • No can not ping anything, not from the console or the ping command on Diagnostics.

    When I reconnect the existing Cisco RV042 to the 1/2 bridge modem everything works fine and we have Internet access.

    The pfsense/Alix combination is to replace the Cisco because you cannot use the iPhone/ipad ipsec VPN with the Cisco and the Cisco VPN also has a problem Connecting to a PIX routers VPN, pfsense/Alix has no problems over my Office WAN with VPN.

    I just can not get it to work with the existing ADSL 1/2 bridge modem.

    I tried using full bridging on the Modem, letting the pfsense do the authentication, that did not work either but I believe it does not anyway with ADSL you need PPPoE.

  • Netgate Administrator

    Ah, OK, so your modem is doing the authentication. How is it passing the public IP to the pfSense box? DMZ?

    As I said what is the error given when the pings fail? No route? No reply? No DNS?

    I have a modem in full bridge mode here on ADSL with pfSense doing PPPoE.


  • No reply from Ping

    Are you in UK for the ADSL

    The modem is a 1/2 Bridge modem, it has its own DHCP server, it does the authentication then passes the public IP Direct through to the Lan port when authentication is complete.

    Works fine with laptop connected, works with Cisco RV042 and works with an old Netgear FV114 VPN Router.

    What modem do you have?, How have you got full bridge to work, what are the settings.

    The modem does have a full bridge mode and I have tried it, nothing, i also tried a Dlink DSL-320B

  • Netgate Administrator

    Yes I'm in the UK. I'm using a Draytek V120 which does PPPoA to PPPoE bridging.

    One possible problem here is that often a ppp connection will use a gateway that's outside the WAN subnet. Whilst that's valid for ppp it is not for dhcp. Whilst windows, and linux to a lesser extent, allow this FreeBSD does not because it's outside the spec. However that doesn't tie in with the 'no reply' to pings error.
    What gateway are you being given? What gateways are shown in the dashboard?


  • The gateway is 85..., IP is 84..., bit worried about putting full IP on public board.

    Netmask is bit strange at

  • Netgate Administrator

    Right so the gateway is in a different subnet and the supplied netmask is /32 which is normal for ppp connections but invalid for dhcp.
    Thinking back on this I think there was some workaround but I can't remember it or find the thread now.

    Posting your public IP is not a great idea but you've clearly shown the different subnets so that's fine.

    What's slightly odd is that I would expect the ping test to return 'no route to host' because the supplied gateway invalid. The fact that it shows 'no reply' indicates that it has a route and a valid default gateway. Do you have another gateway? Perhaps a gateway on LAN?


    Edit: If this actually in the problem you're having there may be some help here:

  • Out of desperation, tried Zeroshell and that worked, so I tried monowall, same problem and then by chance I noticed under services proxy ARP, so I set proxy ARP to point to the gateway and low and behold up came the internet.

    Can not however find proxy ARP on pfsense any idea's

  • Netgate Administrator

Log in to reply