PPPoe Static IP Block Configuration Help Needed [solved]

General pfSense Questions
Log in to reply
  • D

    Sorry in advance if this is posted in the wrong category, as I'm not entirely sure of what the problem is I didn't feel I should post it on a more specific board.

    I have a bonded DSL connection with a static block of IPs assigned to me. I have placed the ISPs hardware into bridge mode, which according to anyone who has weighed in on the matter makes it forward everything that comes to it. The PFSense machine is consequently in charge of ISP Authorization using PPPoE. The PFSense machine pulls the correct IP from the ISP [xxx.xxx.xxx.249] with netmask 255.255.255.255. It has 5 physical network ports:

    
re0    [wan]
em0    [192.168.1.1] <-> Managed Switch
em1    [none] <-> xxx.xxx.xxx.251 Server
em2    [none] <-> Nothing Yet
em3    [none] <-> Nothing Yet

    A machine I wish to have completely exposed to the internet is connected to em1, it has an IP address of .251. My question is how do I go about doing this? I want everything that comes in on the re0 destined for .251 to go out em1. I've tinkered with virtual IPs, Bridging etc. but nothing seems to get the traffic to go out over em1. I'm hoping that this is possible and I'm hoping someone here can help.

    Is this possible? And if so, how do I do it?

    Thanks in advance.

    Update
    Mission accomplished with the following steps– if you have this [unlikely] problem, your mileage may vary!

    1: Go to Interface: Assign: WAN and change the IPv4 Configuration Type to None
    2: Go to Interfaces: Bridges, add a new bridge containing the interfaces you wish to bridge. In my case it was WAN and OPT1
    3: Go to System: Advanced: System Tunables and set net.link.bridge.pfil_member to 0, set net.link.bridge.pfil_bridge to 1
    4: Return to Interfaces: Assign and add a new interface containing the bridge [BRIDGE0] you just created.
    5: Enable the interface with a Static IPv4 Configuration type with the IP address that your ISP has assigned to you. In my case xxx.xxx.xxx.249 with /29 for the mask. Your mask may vary depending on your block size. Save it etc.
    6: Return to Interfaces:Assign and edit the WAN interface, set it back to PPPoE and enter your relevant credentials.
    7: Go to Firewall: Rules for OPT4 [or whatever you named your bridge interface under Interfaces: Assign] and allow whatever traffic you want allowed. In my case it was most everything.

    Hopefully it works. It worked for me :^)

    If anybody reading this has a security reason that I shouldn't be doing this, do let me know. I'm sure this isn't the way it's meant to be done. If you know better, do better.

    Cheers!

    0

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2021 Rubicon Communications, LLC | Privacy Policy