Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Strange behavior with PPPoE

    Scheduled Pinned Locked Moved General pfSense Questions
    15 Posts 3 Posters 2.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C Offline
      ClearView
      last edited by

      Hello,

      I've got a pretty odd setup network-wise and was wondering if anyone could shed some light on what may be going on with my network.

      First off I'm on a DSL connection with a C1000a modem set to pass though mode.  We than pass though a point to point 5 Ghz wireless link to the Pfsense 2.2.2 firewall. The PF box does the PPPoE.

      Both the Linux and Apple DHCP clients work like they should. All windows DHCP clients cannot access the internet.

      The strange thing is it works fine with an old WRT router with Tomato firmware. The PPPoE login is done on the Tomato. I've tried just about every setting, reinstalled on two completely different servers, re-downloaded PF than reinstalled and switched out several nic cards ect.

      If I set the windows clients to static they work.

      Thanks, Eric

      1 Reply Last reply Reply Quote 0
      • C Offline
        cmb
        last edited by

        something more to that than Windows vs. Linux and Apple. Compare what IPs they're getting, what gateway, what DNS, etc. Maybe some happen to be hitting some rogue DHCP server, or there must be some other diff.

        1 Reply Last reply Reply Quote 0
        • C Offline
          ClearView
          last edited by

          All are getting the same IP for the gateway, DHCP server, DNS ect. This box stock PFsense build. I can even plug in a windows client via cat5 right to the pf box with the same results so no rouge DCHP server. This is with every Windows client on the network. So its not just this one client.

          1 Reply Last reply Reply Quote 0
          • C Offline
            cmb
            last edited by

            That eliminates some possibilities. Need to narrow down the specific cause further. From the Windows clients:

            1. Can you ping the LAN IP?
            2. can you ping an IP on the Internet, like 8.8.8.8?
            3. can you ping a hostname on the Internet, say google.com?
            1 Reply Last reply Reply Quote 0
            • C Offline
              ClearView
              last edited by

              I cannot ping the LAN IP  192.168.1.1 , Google's DNS 8.8.8.8 nor can I ping www.google.com.  Both my Linux and Windows clients get the same subnet mask, default Gateway, and DNS information from Pfsense's DHCP server. I can however ping all  three with my any non windows computer/smart phone.

              1 Reply Last reply Reply Quote 0
              • C Offline
                cmb
                last edited by

                On an affected Windows client, run "arp -a" from a command prompt after attempting a ping that fails. Does it show a MAC there for 192.168.1.1? If so, compare it to your LAN NIC's MAC from Status>Interfaces.

                1 Reply Last reply Reply Quote 0
                • C Offline
                  ClearView
                  last edited by

                  The more I look into this the more I think it might be an IPv6 issue but even after I unchecked the "IPv6 checkbox" and do a restart I still cannot ping the firewall (192.168.1.1)

                  Microsoft Windows [Version 6.1.7601]
                  Copyright © 2009 Microsoft Corporation.  All rights reserv

                  C:\Users\Lenovo>ipconfig

                  Windows IP Configuration

                  Wireless LAN adapter Wireless Network Connection:

                  Connection-specific DNS Suffix  . : localdomain
                    IPv4 Address. . . . . . . . . . . : 192.168.1.119
                    Subnet Mask . . . . . . . . . . . : 255.255.255.0
                    Default Gateway . . . . . . . . . : 192.168.1.1

                  Tunnel adapter isatap.localdomain:

                  Media State . . . . . . . . . . . : Media disconnected
                    Connection-specific DNS Suffix  . : localdomain

                  Tunnel adapter Teredo Tunneling Pseudo-Interface:

                  Media State . . . . . . . . . . . : Media disconnected
                    Connection-specific DNS Suffix  . :

                  C:\Users\Lenovo>ping 192.168.1.1

                  Pinging 192.168.1.1 with 32 bytes of data:
                  Request timed out.
                  Request timed out.
                  Request timed out.
                  Request timed out.

                  Ping statistics for 192.168.1.1:
                      Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

                  C:\Users\Lenovo>

                  Here is the output from the command line on one of the windows clients with the IPv6 check box enabled

                  Windows IP Configuration

                  Wireless LAN adapter Wireless Network Connection:

                  Connection-specific DNS Suffix  . : localdomain
                    Link-local IPv6 Address . . . . . : fe80::6405:72d0:85de:df8f%11
                    IPv4 Address. . . . . . . . . . . : 192.168.1.119
                    Subnet Mask . . . . . . . . . . . : 255.255.255.0
                    Default Gateway . . . . . . . . . : fe80::211:43ff:fed8:e531%11
                                                        192.168.1.1

                  Tunnel adapter isatap.localdomain:

                  Media State . . . . . . . . . . . : Media disconnected
                    Connection-specific DNS Suffix  . : localdomain

                  Tunnel adapter Teredo Tunneling Pseudo-Interface:

                  Media State . . . . . . . . . . . : Media disconnected
                    Connection-specific DNS Suffix  . :

                  Linux output...

                  eth0      Link encap:Ethernet  HWaddr removed
                            UP BROADCAST MULTICAST  MTU:1500  Metric:1
                            RX packets:0 errors:0 dropped:0 overruns:0 frame:0
                            TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
                            collisions:0 txqueuelen:1000
                            RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
                            Interrupt:19

                  lo        Link encap:Local Loopback 
                            inet addr:127.0.0.1  Mask:255.0.0.0
                            inet6 addr: ::1/128 Scope:Host
                            UP LOOPBACK RUNNING  MTU:65536  Metric:1
                            RX packets:2210 errors:0 dropped:0 overruns:0 frame:0
                            TX packets:2210 errors:0 dropped:0 overruns:0 carrier:0
                            collisions:0 txqueuelen:0
                            RX bytes:183149 (183.1 KB)  TX bytes:183149 (183.1 KB)

                  wlan0    Link encap:Ethernet  HWaddr removed
                            inet addr:192.168.1.104  Bcast:192.168.1.255  Mask:255.255.255.0
                            inet6 addr: fe80::fef8:aeff:fe02:cd6c/64 Scope:Link
                            UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
                            RX packets:13795 errors:0 dropped:0 overruns:0 frame:0
                            TX packets:10808 errors:0 dropped:0 overruns:0 carrier:0
                            collisions:0 txqueuelen:1000
                            RX bytes:8214912 (8.2 MB)  TX bytes:1810484 (1.8 MB)

                  1 Reply Last reply Reply Quote 0
                  • C Offline
                    ClearView
                    last edited by

                    Ping statistics for 192.168.1.1:
                        Packets: Sent = 4, Received = 0, Lost = 4 (100% loss)

                    C:\Users\Lenovo>arp -a

                    Interface: 192.168.1.119 –- 0xb
                      Internet Address      Physical Address      Type
                      192.168.1.1          48-f8-b3-5a-f6-a6    dynamic
                      192.168.1.31          00-0f-7c-0b-2f-fd    dynamic
                      192.168.1.32          00-0f-7c-0b-30-bf    dynamic
                      192.168.1.33          00-0f-7c-0b-30-b2    dynamic
                      192.168.1.35          00-0f-7c-0a-fc-6f    dynamic
                      192.168.1.38          00-0f-7c-0a-fc-70    dynamic
                      192.168.1.40          00-0f-7c-0b-30-ab    dynamic
                      192.168.1.41          00-0f-7c-0b-30-03    dynamic
                      192.168.1.255        ff-ff-ff-ff-ff-ff    static
                      224.0.0.22            01-00-5e-00-00-16    static
                      224.0.0.252          01-00-5e-00-00-fc    static
                      239.255.255.250      01-00-5e-7f-ff-fa    static
                      255.255.255.255      ff-ff-ff-ff-ff-ff    static

                    C:\Users\Lenovo>

                    1 Reply Last reply Reply Quote 0
                    • C Offline
                      ClearView
                      last edited by

                      The Pfsense's LAN mac is:

                      fc:f8:ae:02:cd:6c

                      1 Reply Last reply Reply Quote 0
                      • D Offline
                        doktornotor Banned
                        last edited by

                        @ClearView:

                        The Pfsense's LAN mac is:

                        fc:f8:ae:02:cd:6c

                        Not good! Plug in a cable. Turn off the wifi. Try again.

                        P.S. Can you please use the CODE tags? This really is painful to read.

                        1 Reply Last reply Reply Quote 0
                        • C Offline
                          ClearView
                          last edited by

                          I lie, I got the mac from "insert local mac" thinking that it would insert it's local mac…  Not my clients mac address.

                          I got the correct  PfSense's LAN mac though "status_interfaces"

                          00:11:43:d8:e5:31

                          Sorry about the mix up.

                          1 Reply Last reply Reply Quote 0
                          • D Offline
                            doktornotor Banned
                            last edited by

                            That still does NOT match!

                            
                            192.168.1.1           48-f8-b3-5a-f6-a6     dynamic
                            
                            

                            Re-read the previous post.

                            1 Reply Last reply Reply Quote 0
                            • C Offline
                              ClearView
                              last edited by

                              @doktornotor:

                              @ClearView:

                              The Pfsense's LAN mac is:

                              fc:f8:ae:02:cd:6c

                              Not good! Plug in a cable. Turn off the wifi. Try again.

                              P.S. Can you please use the CODE tags? This really is painful to read.

                              The results are the same even if I plug the cilint right into the back of the Pfsense firewall. Sorry I will use the code blocks.

                              1 Reply Last reply Reply Quote 0
                              • D Offline
                                doktornotor Banned
                                last edited by

                                Turn OFF the wifi. Look, you cannot have a computer connected to two different pieces of equipment with the same IP.

                                48:F8:B3 Cisco-Linksys, LLC - what's that?

                                1 Reply Last reply Reply Quote 0
                                • C Offline
                                  ClearView
                                  last edited by

                                  @doktornotor:

                                  48:F8:B3 Cisco-Linksys, LLC - what's that?

                                  That is a hidden DHCP server is what that is! Strange that it worked with the Tomato but not pfsense. That part really though me for a loop! I would have be my life that I check all the switches for such before I started. Guess I missed one.

                                  I really appreciate you guys walking me though this. Could I send ether/both of you a case of beer?

                                  1 Reply Last reply Reply Quote 0
                                  • First post
                                    Last post
                                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.