Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PPPoe Static IP Block Configuration Help Needed [solved]

    Scheduled Pinned Locked Moved General pfSense Questions
    1 Posts 1 Posters 782 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      drgonzo
      last edited by

      Sorry in advance if this is posted in the wrong category, as I'm not entirely sure of what the problem is I didn't feel I should post it on a more specific board.

      I have a bonded DSL connection with a static block of IPs assigned to me. I have placed the ISPs hardware into bridge mode, which according to anyone who has weighed in on the matter makes it forward everything that comes to it. The PFSense machine is consequently in charge of ISP Authorization using PPPoE. The PFSense machine pulls the correct IP from the ISP [xxx.xxx.xxx.249] with netmask 255.255.255.255. It has 5 physical network ports:

      
re0    [wan]
em0    [192.168.1.1] <-> Managed Switch
em1    [none] <-> xxx.xxx.xxx.251 Server
em2    [none] <-> Nothing Yet
em3    [none] <-> Nothing Yet

      A machine I wish to have completely exposed to the internet is connected to em1, it has an IP address of .251. My question is how do I go about doing this? I want everything that comes in on the re0 destined for .251 to go out em1. I've tinkered with virtual IPs, Bridging etc. but nothing seems to get the traffic to go out over em1. I'm hoping that this is possible and I'm hoping someone here can help.

      Is this possible? And if so, how do I do it?

      Thanks in advance.

      Update
      Mission accomplished with the following steps– if you have this [unlikely] problem, your mileage may vary!

      1: Go to Interface: Assign: WAN and change the IPv4 Configuration Type to None
      2: Go to Interfaces: Bridges, add a new bridge containing the interfaces you wish to bridge. In my case it was WAN and OPT1
      3: Go to System: Advanced: System Tunables and set net.link.bridge.pfil_member to 0, set net.link.bridge.pfil_bridge to 1
      4: Return to Interfaces: Assign and add a new interface containing the bridge [BRIDGE0] you just created.
      5: Enable the interface with a Static IPv4 Configuration type with the IP address that your ISP has assigned to you. In my case xxx.xxx.xxx.249 with /29 for the mask. Your mask may vary depending on your block size. Save it etc.
      6: Return to Interfaces:Assign and edit the WAN interface, set it back to PPPoE and enter your relevant credentials.
      7: Go to Firewall: Rules for OPT4 [or whatever you named your bridge interface under Interfaces: Assign] and allow whatever traffic you want allowed. In my case it was most everything.

      Hopefully it works. It worked for me :^)

      If anybody reading this has a security reason that I shouldn't be doing this, do let me know. I'm sure this isn't the way it's meant to be done. If you know better, do better.

      Cheers!

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.