Split FiOS WAN Between pfSense and Verizon Router



  • Please forgive me if this is something I should know better about.  I figured I would ask anyway.

    My pfSense box has 4 gigabit ports.  Is it possible to basically mirror the WAN interface on the pfSense box with one of the other interfaces?  I would set my pfSense box and FiOS router to the same MAC address and connect the FiOS router to the mirrored port.  My goal is to have the FiOS router pick up the public IP address as well so that I can have it provide all of the special functions to the TV boxes while still allowing me to keep my pfSense box as the primary router for the house.  I am trying to do the "three router" option mentioned here: http://www.dslreports.com/faq/16710 but without using the third router.

    Thanks,
    Chad



  • Think you are in luck.  I have done this dual router (pfSense and FiOS provided router) before.  Here are a couple possible methods.  I have successfully used both of them.  It's a bit complex, but it can be done.  Both  methods outlined below require FiOS Ethernet service rather than MoCA (COAX).  By the way is this for Verizon FiOS or Frontier FiOS?

    Method 1:  The most desirable (IMO)
    Configure a switch as follows.
    Port 8: PVID 99, Member VLAN 99, Un-Tagged; Member VLAN 98, Un-Tagged, connect to ISP WAN Ethernet
    Port 7: PVID 98, Member VLAN 99, Un-Tagged, connect to FiOS router WAN port
    Port 6: PVID 99, Member VLAN 99, Tagged, connect to pfSense WAN port
    Ports 1-5: Default

    (optionally 98 can instead be 99 also)

    Method 2:
    How Can I Run Multiple Parallel Routers
    https://www.dslreports.com/faq/16949
    https://www.dslreports.com/forum/r27210694-FiOS-Dual-Router-Separated-Computer-TV-Service-Networks

    Use pfSense WAN DHCP Advanced configuration options to impersonate the FiOS router's DHCP.  Also clone the MAC address so pfSense has the same MAC address as the FiOS router.
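
Added example (not part of any poster's reply, and not code from the thread): a small Python model of 802.1Q forwarding applied to the Method 1 port table, showing which ports a broadcast from each device reaches. The forwarding model (PVID classification of untagged frames, per-VLAN egress membership, optional ingress filtering, no MAC learning) is an assumption; real switches differ in whether they accept a PVID for a VLAN the port is not a member of.

```python
# Added illustration: 802.1Q forwarding model for the Method 1 port table.
# Port numbers, PVIDs and memberships come from the post; the model itself
# (flooding only, no MAC learning, optional ingress filtering) is assumed.

PORTS = {
    8: {"role": "ISP WAN Ethernet", "pvid": 99,
        "egress": {99: "untagged", 98: "untagged"}},
    7: {"role": "FiOS router WAN", "pvid": 98,
        "egress": {99: "untagged"}},
    6: {"role": "pfSense WAN", "pvid": 99,
        "egress": {99: "tagged"}},
}


def classify(port, tag=None):
    """Ingress rule: a tagged frame keeps its VLAN ID, an untagged
    frame is assigned the ingress port's PVID."""
    return tag if tag is not None else PORTS[port]["pvid"]


def flood(in_port, tag=None, ingress_filter=False):
    """Return {egress_port: 'tagged' | 'untagged'} for a broadcast frame
    entering in_port. With ingress_filter=True the frame is dropped when
    the ingress port is not a member of the frame's VLAN."""
    vlan = classify(in_port, tag)
    if ingress_filter and vlan not in PORTS[in_port]["egress"]:
        return {}
    return {p: cfg["egress"][vlan] for p, cfg in PORTS.items()
            if p != in_port and vlan in cfg["egress"]}


def reachability(ingress_filter=False):
    """Ports reached by each device's traffic. pfSense sends frames tagged
    VLAN 99 on port 6; the ISP and the FiOS router send untagged frames."""
    sources = {8: None, 7: None, 6: 99}
    return {src: sorted(flood(src, tag, ingress_filter))
            for src, tag in sources.items()}


if __name__ == "__main__":
    for strict in (False, True):
        print("ingress filtering:", strict)
        for src, dests in reachability(strict).items():
            print(f"  port {src} ({PORTS[src]['role']}) -> {dests}")
```

In this model the FiOS router's frames reach only the ISP port, ISP frames reach both routers, and pfSense's frames reach the ISP and the FiOS router; with ingress filtering enabled, port 7's frames are dropped because port 7 is not a member of VLAN 98.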



  • Thank you NOYB.  This will give me something to try out.  I currently do not have a switch that supports VLANs so I am stuck with my pfSense box only for now.  Is there a way for me to do this all with the 4 ports on my pfSense box?

    http://www.supermicro.com/products/motherboard/Atom/X10/A1SRi-2558F.cfm

    I am using Verizon FiOS.



  • @cwagz:

    Is there a way for me to do this all with the 4 ports on my pfSense box?

    Not to my knowledge.  My guess would be no.  But one of the pfSense gurus would know better than I.

    If you have an old "hub" or another switch available, I believe this could also be accomplished with a "hub", or a second switch, (as opposed to a VLAN capable "switch") for the WAN connections.



  • NOYB,

    Thank you for the good information.  I did get this working (splitting the WAN) but Verizon must have me blacklisted or something.  I was not able to get remote DVR to work even when just using the Verizon supplied router.  They must have flagged me as a non-standard configuration a long time ago and stopped trying to send the packets or something.  I tried calling tech support but they were unable to really do anything so I ended up giving up on it.

    I am spoofing my FiOS router with pfSense now so maybe eventually I will get picked back up.



  • @cwagz:

    I am spoofing my FiOS router with pfSense now so maybe eventually I will get picked back up.

    Unless the Verizon FiOS router is online too I think it's unlikely you'll get "picked back up", as there are special ports that need to be forwarded for the remote DVR service to function, plus they have management access to it but not your pfSense router.

    The Verizon FiOS forum and FAQ at DSL Reports is the best place to get assistance for dual router set up.  Most of them seem to run one of the routers behind the other.  But I don't really like that method and always ran them in parallel.  Not sure why but currently I'm able to pull separate public IP addresses for both of them.  So don't need to spoof MAC or impersonate anymore.  Don't know if it's because of a misconfiguration or a policy change, so I haven't really exposed that detail before.  Though I'm in ex-Verizon territory and have never heard anyone else mention it before.



  • @cwagz:

    was not able to get remote DVR to work

    Yes, the only thing not working in my setup is Remote DVR.

    ONT -> Ethernet Cable -> WAN -> pfSense (192.168.1.1) -> LAN -> Actiontec Router in Bridge (192.168.1.2 for management) -> MoCA Coax.

    I've tried a couple of times to get remote DVR working, but didn't have any luck. I didn't really use it so I didn't give it much work.



  • @djamp42:

    @cwagz:

    was not able to get remote DVR to work

    Yes, the only thing not working in my setup is Remote DVR.

    ONT -> Ethernet Cable -> WAN -> pfSense (192.168.1.1) -> LAN -> Actiontec Router in Bridge (192.168.1.2 for management) -> MoCA Coax.

    I've tried a couple of times to get remote DVR working, but didn't have any luck. I didn't really use it so I didn't give it much work.

    If I understand your setup, pfSense needs to be forwarding the special ports used by remote DVR and also the management port to the Actiontec router.  Otherwise it will never work.  I used to know the ports off the top of my head but not anymore.

    P.S. The best place for assistance with remote DVR and using own router with Verizon and Frontier FiOS is the DSL Reports forums.



  • @NOYB:

    Method 1:  The most desirable (IMO)
    Configure a switch as follows.
    Port 8: PVID 99, Member VLAN 99, Un-Tagged; Member VLAN 98, Un-Tagged, connect to ISP WAN Ethernet
    Port 7: PVID 98, Member VLAN 99, Un-Tagged, connect to FiOS router WAN port
    Port 6: PVID 99, Member VLAN 99, Tagged, connect to pfSense WAN port
    Ports 1-5: Default

    (optionally 98 can instead be 99 also)

    I'm trying to help somebody implement this, but I don't understand what you are prescribing here. From what I understand, pfSense's WAN is using VLAN 99. The switch has ports 6 and 8 both on VLAN 99, so the ISP WAN Ethernet is effectively connected to pfSense's WAN.

    The part that confuses me is your port 7 configuration. You have the FiOS router connected here, but the switch port is set to PVID 98. You haven't listed any other switch port as being on VLAN 98, so it appears to me that the FiOS router WAN is talking to nothing at all. Because switch port 7 is a member of 99 untagged, the FiOS router will receive Ethernet frames from pfSense and the ISP, but frames coming from the FiOS router will go nowhere.

    What is supposed to happen here?



  • So I've set up FiOS recently with pfSense.  All services seem to work…

    The info can be found here:

    https://www.dslreports.com/forum/r30599062-Networking-FIOS-Quantum-with-Pfsense-MOCA-Bridge-setup



  • @NOYB:

    Think you are in luck.  I have done this dual router (pfSense and FiOS provided router) before.  Here are a couple possible methods.  I have successfully used both of them.  It's a bit complex, but it can be done.  Both  methods outlined below require FiOS Ethernet service rather than MoCA (COAX).  By the way is this for Verizon FiOS or Frontier FiOS?

    Method 1:  The most desirable (IMO)
    Configure a switch as follows.
    Port 8: PVID 99, Member VLAN 99, Un-Tagged; Member VLAN 98, Un-Tagged, connect to ISP WAN Ethernet
    Port 7: PVID 98, Member VLAN 99, Un-Tagged, connect to FiOS router WAN port
    Port 6: PVID 99, Member VLAN 99, Tagged, connect to pfSense WAN port
    Ports 1-5: Default

    (optionally 98 can instead be 99 also)

    Method 2:
    How Can I Run Multiple Parallel Routers
    https://www.dslreports.com/faq/16949
    https://www.dslreports.com/forum/r27210694-FiOS-Dual-Router-Separated-Computer-TV-Service-Networks

    Use pfSense WAN DHCP Advanced configuration options to impersonate the FiOS router's DHCP.  Also clone the MAC address so pfSense has the same MAC address as the FiOS router.

    Does remote DVR work with both of these methods (granted I know I need to forward the correct ports)?

    Also, for method 1, do I need a switch that supports VLAN Trunking? I bought a Dell PowerConnect 2716 switch, but I don't think it supports trunking. Can you confirm if this managed switch will work? Thanks!

