pfSense Support Subscription

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - kcallis

Pages: [1] 2 3 4 5
Routing and Multi WAN / Re: Routing issue with AT&T?
« on: January 09, 2018, 10:13:18 am »
I noticed that my WAN interface was still showing the network as opposed the public address.

I would look at the rules. Personally not a big fan of double nat

Thank for suggesting to look at my rules. Of course, the issue wasn't my rules, but the search mode of looking for everything caused me to look for other things that were out of whack. I was looking at the Dashboard and noticed that I was seeing on top of the normal DNS servers, I was also seeing (localhost). I took at look at System/General Setup and realized that I had not checked the Disable DNS Forwarder. One check of a box, and lo and behold packets were resolving and running out into the wild frontier of the internet.

Another nice thing was that finally I was able to get the IP Passthrough working and now my WAN interface now shows the public IP address. Life is groovy!

Routing and Multi WAN / Re: Routing issue with AT&T?
« on: January 07, 2018, 08:31:35 pm »
So I switch from Spectrum to A&T.  I was fine with my SB6121->pfsense->LAN, but now that I have the BGW210-700->pfsense->LAN, I can't seem to get to the internet from anything behind pfsense.  I have IP Passthrough enabled on the BGW210, but still no internet.  I can ping from pfsense, but no internet from the LAN.  I can update packages on pfsense as well.  I have changed the pfsense LAN to 192.168.2.x since the BGW210 is 192.168.1.x, but other than that, nothing else has changed.

If you have an ip passthrough, is your Wan interface on pfsense getting a public ip?

There is something more to it thatís missing. Could be something with routing/gateway or rules but cannot say anything without looking at it

I noticed that my WAN interface was still showing the network as opposed the public address. It is interesting to me that initially, one VLAN stopped connecting to the internet, but the other VLAN was working fine. After my reboot, both VLAN failed to connect to the internet. I truly wished that I didn't have to use AT&T as a provider!

Routing and Multi WAN / Re: Routing issue with AT&T?
« on: January 06, 2018, 11:38:37 pm »


       Just reboot pfsense it should start working. This happens if your lan ip series becomes wan ip series.... i mean I did the same ... rebooting resolved the issue.


I have already done that.  I have also verified both IPv4 and IPv6 is enabled on the WAN of pfsense.

I am running into the same issue. Granted, I have multiple VLANs in play, a couple of days ago, one of my VLANs (The one that I use for management) stopped connecting to the internet. For awhile, the VLAN that I use for clear traffic (pretend this is my LAN) worked, but while trying to see what this issue is, I rebooted my APU and suddenly, the VLAN no longer connected to the internet. Like you, I also am trying to use IP Passthru, but my WAN interface is still showing at the network that I have the DSL modem set to, and the only way that I can access the internet is through using the wifi interface on the BGW-210 modem.

Any other suggestions?

General Questions / Re: Proper setup of switches
« on: January 04, 2018, 02:24:25 am »
The re drivers and the APU work fine even with dot1q. They are workhorses.

Being miserly is fine but that switch is broken. Get a D-Link DGS-1100-08. They're about $30 and they actually work.

I will go replace with the DGS-1100. I am somewhat confused, since the result of what I was trying to achieve seems to be working. On the SG108, I have the LAN interface on port 1; I have the OPT interface in port 2, which has VLAN[5, 10, 15, 20] trunked; I have my TL-Link WA901ND AP with multiple SSID using VLAN[5, 10, 15, 20] tagged on port 3 on the switch.

When I connect to a particular SSID using DHCP, I am assigned the appropriate IP address from the correct VLAN. I don't normally hard connect to the untagged ports, but if I create a static address in any of the VLANs or the LAN, I have proper connection on the subnet, I am unclear on the purpose of a untagged port as well as the PVID, but everything seems to work as I think is should be doing. So what does it mean that the TP-Link has issues?

General Questions / Re: Proper setup of switches
« on: January 03, 2018, 01:49:03 am »
Yeah sorry but between the re0 (realtek) and TP-Link, your gonna have a bad day.  :P

Assuming you can pop in a PCIe card, you can ebay some new gear for less than 50 USD and have intel NICs and a Cisco gigabit 24 port switch  ;) A bit more to learn but its not that bad. Cisco has amazing documentation.

Well, it is what I have to work with... I could switch to equipment at the home location. But the reality is that I am trying to be a miserly as possibly on power since I am using the my travel trailer that I use when I am working. So the need for the APU, a decent low powered switch and probably the Nanostation.

General Questions / Re: Proper setup of switches
« on: January 01, 2018, 11:47:09 pm »
(although, I am actually using a Tl-Link SG108E)

Bad choice.  TP-Link switches don't handle VLANs properly.  There's another thread about problems with the similar SG105E.

Well, I have Netgear GS108E v2 (which is why I was using the TL-Link because of being able to access via the web interface as opposed to the configuration program for the v2) or a Mikrotik Routerboard RB951Ui (which I really didn't want to mess with because of the learning curve). Would any of these work better?

General Questions / Re: Proper setup of switches
« on: January 01, 2018, 08:06:44 pm »
Well you would really have something like this:

WAN (re1) -- DHCP
LAN (re2) --
OPT1 (re0.5)   VLAN05 -->
OPT2 (re0.10)  VLAN10 -->
OPT3 (re0.15)  VLAN15 -->
OPT4 (re0.20)  VLAN20 -->

The switch port connected to re0 would have to have VLANs 5, 10, 15, and 20 TAGGED on that switch port.

I cleaned up my original posting. I have the trunk on port 2 with all of the VLANS as well as with port 3.

General Questions / Proper setup of switches
« on: January 01, 2018, 07:39:18 pm »
I am using a Netgate APU with three interfaces:

WAN (re1) -- DHCP
LAN (re2) --
OPT (re0) --  VLAN05 (re0.5)    -->
                    VLAN10 (re0.10)  -->
                    VLAN15  (re0.15) -->
                    VLAN20  (re0.20) -->

I have used the baseline guide along with nguvu's guide to making use of the Netgear GS108E switch (although, I am actually using a Tl-Link SG108E), but somewhere I am blowing it, since after I reboot, I am not able to access any of the interfaces and I have to do a factory reset.

I have connected my LAN interface as well as my OPT interface on the switch and have set the address to (which is my MGMT VLAN05). I also have my Ubiquiti NanoStation connected to the switch ( I have tagged port 2 on the switch with my VLANS 5-20 as well as port 3 as well (which is connected to the Ubiquiti NanoStation with the VLANs configured on the NS). If I am clear then the remaining ports should be untagged. But once I reboot the APU, I am not able to connect to any port.

I have a second switch, the Netgear GS108E. I am wondering if since I have the first switch set to the but I have the LAN interface, plugged into the same switch, is that what might me causing the fact that my LAN interface is conflicting with the OPT interface on the same switch? Maybe I need to plug the LAN interface into the second switch?

Any pointers would be appreciated!

So is it worth my time to make use of TS with such a low bandwidth allocation?

The need for a shaper has nothing to do with your bandwidth.  The question is, are you having any problems on the network that a shaper could help with?  If your voip calls always work well and you aren't having any problems then I'd leave it alone.  If your voip calls & video streams are getting stepped on when there is a lot of other traffic then yes you could use a shaper.

Start with PRIQ instead of HFSC.  PRIQ doesn't require any bandwidth allocation like HFSC does, and it's a LOT easier to understand and configure.

I will give that a try! And yes, my phone calls are horrible, so that is my highest priority.

Traffic Shaping / Is there any real benefit with a 12Mbit/1Mbit connection?
« on: December 15, 2017, 12:12:27 pm »
I have been relegated to a DSL connection that is 12Mbit down and 1Mbit up. I set the download to 10.5Mbit and 0.9Mbit up and the results are not decent. I am trying to make use of VOIP as well as trying to maintain decent speed on my video streaming (using Kodi). I thought that if I used a 400k for hangout audio, that I would at least have a decent conversation, but no go. The same is true when I am using Kodi. Sometimes, (at SD quality) I have decent playback, but should it fall to 720, playback it just drops. So is it worth my time to make use of TS with such a low bandwidth allocation?

General Questions / Re: How to make use of VLANs
« on: December 15, 2017, 09:07:20 am »
Thanks for all of the pointers from everyone. I decided to forgo the VLAN multi SSID feature of the TL-Link AP and move it over to the LAN. I do have a Ubiquiti NanoStation loco M2 that I thought that I would swap with the TL-Link, but until I can understand the VLAN process, I will save that for another time.

General Questions / Re: How to make use of VLANs
« on: December 14, 2017, 11:31:37 am »
Lets see your rules..

I have attached what I am working with...

General Questions / Re: How to make use of VLANs
« on: December 14, 2017, 11:13:33 am »
You have to set up a trunk port on the switch to connect to the AP and also pfSense.  This will allow it to carry all VLANs.  You then configure pfSense with VLANs.  However, I have that same AP and it doesn't handle VLANs/SSIDs well.  TP-Link doesn't seem to understand the concept of VLANs and how they're supposed to be logically separate.  As I result, traffic from the native LAN will be mixed in with the VLAN.  After much frustration, I gave up on the idea of VLANs & multiple SSIDs on it.

BTW, I had a lot of discussion with first level support about this issue and that person insisted it was normal.  It was only the person at 2nd level support who understood the problem, but there was no fix forthcoming.

What I was able to do was to more or less replicated port 1 that is the trunk back to the OPT1 and did the same on port 2 with the TL-Link AP connected. At first, everything was moving along well, VLAN 15 (My wireless access to the net) gave out an address and the same is true with VLAN 50 (which are my streaming devices). I was able to see the SSIDs so it looked like a win. I have been banging around with the firewall rules because not a single rule seems to be working. For instance, I am able to get a receive an address and I am able to ping each of the gateway of each interface, but as for as pinging other devices, it is a no go. I am also not able to route through the WAN, so no internet for me right now.

General Questions / Re: How to make use of VLANs
« on: December 14, 2017, 10:32:21 am »
there is bunch of discussion in another thread heard about the tplink switches and a hack to remove the vlan 1 nonsense.

But I would suggest you get a different switch the dsg1100 from dlink is same price point and handles vlans correctly.

I have lack of confidence that the tp-link AP handles vlans correctly either.  I would suggest another AP, the unifi line handles vlans correctly.  And very reasonable priced.

The issue is not with the switch (which is a Netgear GS108E) which working fine, it seems to be an issue with the TL-Link AP and it's poor understanding of VLANS.

General Questions / Re: How to make use of VLANs
« on: December 14, 2017, 10:27:39 am »
Thanks for the suggestions... I have just did a factory reset and for the time I will just use the TL-Link as a simple AP until I move over to something else.

Pages: [1] 2 3 4 5