PPPoE interface to ADSL modem

_Chris_

Hello,
I'm setting up pfSense to replace a BT home hub router that connects to an ADSL modem. The interface is over PPPoE, and BT give guidance on setting up a non-BT router (http://bt.custhelp.com/app/answers/detail/a_id/7447/~/how-do-i-set-up-my-non-bt-router). Others have had success with this (http://edspencer.me.uk/2015/01/18/using-your-own-router-with-bt-infinity/).

I have configured PPPoE in pfSense, and assigned it to the WAN interface, but the connection does not come up. Checking the PPP system logs shows an error:
ppp: OpenConfFile: Can't open file '/var/etc/mpd.secret': No such file or directory
I have found a solution in an old thread (https://forum.pfsense.org/index.php?topic=3997.msg24608#msg24608) and created this file manually through the SSH shell. After putting the username and password in this file, the WAN interface immediately comes up and seems to be working fine. (I'm writing this post through it!)

My problem is that this file disappears after rebooting the system, and the WAN interface does not come up automatically. Can anyone suggest what I have missed in the settings?

Chris

David_W

I suspect you are using a very old version of pfSense, as the user name and password go in the main configuration file for mpd5, which is used for the PPPoE client in recent versions of pfSense.

Really, there will not be much interest in reports of problems if you are running anything older than 2.2.4 or the new 2.2.5 release. If you are running a recent (or even a not so recent) release, have you configured the user name and password in Interfaces -> (assign) -> PPPs tab?

_Chris_

Hi David,
This was a fresh install of 2.2.4(amd64) that I updated to 2.2.5-RELEASE (amd64) the first time it connected to the internet.

I have configured the username and password in an interface named pppoe0 in the Interfaces -> (assign) - > PPPs tab. The system does seem to recognise this as the username appears in the PPP log during a connection attempt:

Nov 8 10:03:41	ppp: [wan_link0] CHAP: rec'd CHALLENGE #1 len: 34
Nov 8 10:03:41	ppp: [wan_link0] Name: "bras-red8.mqd"
Nov 8 10:03:41	ppp: [wan_link0] CHAP: Using authname "bthomehub@btbroadband.com"
Nov 8 10:03:41	ppp: OpenConfFile: Can't open file '/var/etc/mpd.secret': No such file or directory
Nov 8 10:03:41	ppp: [wan_link0] CHAP: Warning: no secret for "bthomehub@btbroadband.com" found
Nov 8 10:03:44	ppp: [wan_link0] LCP: rec'd Terminate Request #58 (Opened)
Nov 8 10:03:44	ppp: [wan_link0] LCP: state change Opened --> Stopping
Nov 8 10:03:44	ppp: [wan_link0] LCP: SendTerminateAck #3
Nov 8 10:03:44	ppp: [wan_link0] LCP: LayerDown

I have seen your comment in another thread that files in /var/ are rebuilt from the configuration, so I understand now why creating the file myself is not a suitable fix. Is there anywhere else I need to configure the username and password that will generate /var/etc/mpd.secret?

Chris

David_W

Take a look at /var/etc/mpd_wan.conf. You should have something like:

set auth authname "bthomehub@btbroadband.com"
set auth password password

towards the end of that file. It's also worth checking that there isn't a /var/etc/mpd.secret file - if there is, delete it.

_Chris_

Got it! I had the password as blank (a single space), which breaks the configuration as there is no value in the set auth password line. The password does not matter, but it needs to be a word!

Thanks for your help, David.

David_W

As you have probably realised, the password can be anything for BT Broadband and BT Infinity. You've found a rather obscure bug in pfSense - really the password in the set auth password line should be enclosed in "", which would have allowed a single space to work.

If I remember, I'll submit a pull request to make that change. If you want to experiment yourself and verify the fix I have in mind, it's around line 1700 of /etc/inc/interfaces.inc in 2.2.x, which should read:
set auth password "{$passwd}"

Enjoy pfSense - I think it's a great system.

The Computer Guy

Almost every BT "Password" I've ever seen has been Welcome1, as already mentioned, the username that's important.

Guest

@_Chris_
If things mostly go wrong or will not work out of the box, many peoples will be going to be nervous and do
some kinda following false, likes perhaps in that game here.

have you configured the user name and password in Interfaces -> (assign) -> PPPs tab?

If you are there and were typing in the name and password, did you do the following two steps ahead also?
"Save" and "Apply"? Or did you miss any button of this twos? Only perhaps I mean?

After doing this, often the modem should be really fast and short disconnected from the Internet plug and
reconnected to it to get a new valid IP address from your provider. Did you try this also?

This was a fresh install of 2.2.4(amd64) that I updated to 2.2.5-RELEASE (amd64) the first time it connected to the internet.

On what drive or storage did you install pfsense?

• SDCard, CFCard or USB Pen drive as a NanoBSD installation?
  This is often then marked as read only then! Please don´t forget this also!
• On a mSATA, SSD/HDD or SATA-DOM?
  This is then mostly installed as a full installation and write able also!

This could be clrear up to us why the "/var/etc/mpd.secret" file will be not existing any more after a reboot.
Because /var was in the RAM only!!!!

If you have or own a SSD/HDD or mSATA right to used and try out for this installation, I will suggest
you to insert it inside of your pfSense box and do a fresh and full install with 2.2.5.

David_W

I think the issue is fully understood and resolved, BlueKobold.

BT Broadband and BT Infinity require PPP authentication, but this is merely to pass a domain to the BRAS to identify which RADIUS servers should be used for authentication. The password can be anything, as BT Broadband and Infinity authenticate based on the circuit ID inserted by the DSLAM's PPP Intermediate Agent.

Chris had set the password to a single space but because pfSense doesn't enclose the password in "", mpd5 ignored the set auth password line in /var/etc/mpd_wan.conf and went looking for the password in a non-existent /var/etc/mpd_secret file.

The resolution was to set a password that consisted of something other than white space.