Zyxel AX7501 in Bridge Mode - How to configure WAN with pfsense?

  • Hello everyone

    After a week of tinkering, I now have potatoes on my eyes rather than eggs.

    So I just can’t manage to configure pfsense 2.4 so that I can access the Internet with a bridged AX7501 (with VLAN 10 switched on).

    What works: pfsense box placed in the DMZ at Zyxel, but that’s just an auxiliary growl…

    Any help welcome (screenshot perhaps?)

    An overtired smallpot greets us from the cold

    • Hello

      After another few hours of unsuccessful attempts, I first set IB3 to 192.168.2.1 and placed all Swisscom and WiFi boxes on this network.

      At the same time ax7501 configured as 2.1, with 192.168.2.222 defined as DMZ.

      Ax7501 connected, after three reboots on the Swisscom Internet, all TV boxes and WiFi boxes (defined as AP) work perfectly and everything has a fixed IP. This WiFi network is defined as backup only or as a guest network. ax7501 provided with Open-VPN, tests etc still need to be done.

      pfsense wan1 as 192.168.2.222 static with bridge 192.168.2.1, lan1 as 192.168.1.1/24 with all compis cameras nas etc. on it. Setting up firewall, nextdns.io (instead of pihole etc), Open-VPN and from 2.5.0 wireguard (nordvpn wireguard on pfsense as well as on all PCs, Macs, NAS etc). Alarm systems with camera and external alarm center work (i.e. correct ports opened etc).

      Today I switched to fanless Zyxel 10g (instead of loud unifi), usgx16 has already been replaced by fanless Supermicro e302-9d, 24 poe unifi through fanless unifi24ports, 16 of them poe for unifi hotspots.

      This is the end of 10 days of Netlab, everything is silent (wife happy), xgspons new delivers about 5 to 6 up/down, pfsense with nextdns still delivers many more hours of hobby and improved security.

      Wan2 decision still to come (upc or 5g wireless) and try to get pfsense with external Swisscom adr (but only at the end).

      Thank you everyone for your very helpful advice, I couldn’t have done it without it!!

      PS If you would like to give away Unifi Mat (2 years old) cheaply, please send me a PM.

      Best of the warming mountains of smallpot


    @Smallpot wrote:

    Hello

    Yes, but where is this option 60, it’s driving me crazy!


    Maybe the pfsense crack @Tux0ne can give you a concrete tip about this.


    Hobby nerd with no economic ties to Swisscom

    Hello Werner

    Followed the instructions as listed here, including the latest version with pfsense 2.4.5, all to no avail.

    After four hours of practice, shoes were thrown in the corner and the Swisscom modem was reinstalled (two minutes), because Zyxel didn’t want to do it anymore either.

    So, how exactly does this work with option 60?

    Quotes from the site:

    By the way, with pfsense 2.3 there is no longer any need to fiddle with the internal files, you can click on the option: “[X] Configuration Override” under WAN -> Advanced under: “DHCP Client Configuration”.
    Then create a new file in pfsense, e.g.: /etc/dhclient.conf with the following content:

    interface "{interface}" { send dhcp-class-identifier "100008,0001,pfsense 2.3"; }

    This means that DHCP option 60 is set correctly. 🙂

    It should be “update-resistant”, but I don’t know yet whether it will also hold up during backup/restore… 😉

    Try with the following string:

    interface "{interface}" { send dhcp-class-identifier "100008,0001,pfsense 2.4.5"; }

    Is that the solution? Or is there another?
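Whether the override described above really puts option 60 on the wire can be checked by parsing the DHCPDISCOVER payload captured on the WAN interface. The following is an added example, not part of the original thread: the packet is constructed in the code (MAC address and transaction ID are made up) and all function names are hypothetical.

```python
import struct

MAGIC_COOKIE = bytes([0x63, 0x82, 0x53, 0x63])
OPT_PAD, OPT_MSG_TYPE, OPT_VENDOR_CLASS, OPT_END = 0, 53, 60, 255


def parse_dhcp_options(payload: bytes) -> dict:
    """Return {option_code: value_bytes} from a raw BOOTP/DHCP UDP payload."""
    # Fixed BOOTP header is 236 bytes, followed by the 4-byte magic cookie.
    if len(payload) < 240 or payload[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message (short or missing magic cookie)")
    options, i = {}, 240
    while i < len(payload):
        code = payload[i]
        if code == OPT_END:
            break
        if code == OPT_PAD:          # pad is a single byte without a length
            i += 1
            continue
        if i + 1 >= len(payload):
            raise ValueError("truncated option header")
        length = payload[i + 1]
        value = payload[i + 2 : i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated option value")
        # RFC 3396: an option that appears more than once is concatenated.
        options[code] = options.get(code, b"") + value
        i += 2 + length
    return options


def vendor_class(payload: bytes):
    """Option 60 as text, or None if the client did not send it."""
    raw = parse_dhcp_options(payload).get(OPT_VENDOR_CLASS)
    return raw.decode("ascii", "replace") if raw is not None else None


def build_discover(vendor=None) -> bytes:
    """Constructed DHCPDISCOVER used as sample input for the parser."""
    header = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", 1, 1, 6, 0, 0x12345678,
                         0, 0x8000, b"\0" * 4, b"\0" * 4, b"\0" * 4, b"\0" * 4,
                         bytes.fromhex("020000000001"), b"", b"")
    opts = bytes([OPT_MSG_TYPE, 1, 1])          # message type 1 = DISCOVER
    if vendor is not None:
        opts += bytes([OPT_VENDOR_CLASS, len(vendor)]) + vendor.encode("ascii")
    return header + MAGIC_COOKIE + opts + bytes([OPT_END])
```

A `None` result from `vendor_class` on a captured DISCOVER means the override file was not picked up by the DHCP client.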

    Hello everyone

    So I was “trapped” in the 100.90.x.x subnet (CGNAT) and from there I couldn’t even reach the gateway in the subnet.

    With the help of Swisscom Support it was then possible to check that I was not activated for CGNAT, but still received an IP from this segment.

    After several IP changes/resets by Swisscom support it worked. Thanks to Swisscom Support, especially Ms. Michelle Panzera


    After changing my router and then registering, I am regularly a CGNAT prisoner.

    A reboot afterwards fixes the problem immediately…
