OPNsense Forum
Archive => 21.1 Legacy Series => Topic started by: cduckett on May 11, 2021, 12:14:16 am
-
Had a ton of issues getting Opnsense setup correctly. Ended up having to spoof the MAC address of a my TP link router to get an accurate WAN IP address.
Still getting intermittent connections that cause Opnsense to drop the WAN connection. I tried spoofing the MAC address of the Opnsense computer for a laptop that I connected directly to the modem and that worked briefly as well.
My current setup is as follows:
1. Opnsense computer - connected to port 1 of TP link managed switch
2. Motorola MB8600 cable modem - connected to port 2 of TP link managed switch
3. TP Link Archer C7 w/ OpenWRT firmware (setup as a dumb AP) - connected on port 2 of port 3 of TP link managed switch
4. TP link TL-SG108E managed switch - used this tutorial to setup VLANs Link (https://www.joe0.com/2019/11/16/converting-single-nic-mini-pc-into-pfsense-router-firewall-by-using-virtual-lan-configuration-on-a-managed-switch/)
I have Opnsense logs and screenshots if that will help deduce what I can do to fix this issue.
-
Remove VLAN 1 from Port 2. The port to the cable modem needs to be isolated.
A cable modem will only provide an address to the first MAC it sees. Since you have a managed switch, it can be seeing the MAC of the switch management IP first So, if the TP-Link works as I expect it to, removing VLAN 1 from the CM port will make the problem go away. Make the change and reboot everything.
EDIT: Also, remove the spoofing.
-
Remove VLAN 1 from Port 2. The port to the cable modem needs to be isolated.
I thought the port for the modem needed to be connected to the same VLAN as the Opnsense computer.
My setup looks like the following:
(https://i.imgur.com/LNubN3Z.jpg)
A cable modem will only provide an address to the first MAC it sees. Since you have a managed switch, it can be seeing the MAC of the switch management IP first.
This is what I thought the problem might be.
-
The graphic looks right, but the details in the tutorial are wrong. The tutorial shows all ports also living in VLAN 1 (attached graphic). That needs to be stripped out of Port 2.
You have already seen the impact of that error by making it work (for a while) by cloning the TP's MAC. That ain't right, having the same MAC on two device in the same VLAN will always present "random" problems.
-
The graphic looks right, but the details in the tutorial are wrong. The tutorial shows all ports also living in VLAN 1 (attached graphic). That needs to be stripped out of Port 2.
Ok, I removed Port 2 from VLAN 1 as seen below. I've also attached graphic of the PVID settings to make sure these are correct as well.
Assuming that these are both correct, I should be able to power cycle my modem and make sure that the Opnsense computer is receiving a WAN IP address from the CM, correct?
-
Sounds like a plan! ;) To keep it clean, remove the spoofing config on the OPNsense WAN.
-
Well my system has been running fairly well so far; only one random disconnection but I was able to release/renew DHCP and get back up and running.
Thanks again for your help!
-
Well my system has been running fairly well so far; only one random disconnection but I was able to release/renew DHCP and get back up and running.
Thanks again for your help!
Excellent! Happy it's working.
-
So I had an extended power outage and when everything powered back on, I ran into the same issue with Opnsense not able to get a DHCP offer from the modem/ISP. Not sure what to do now. I can attach my system log but it wasn't able to resolve the WAN IP until I spoofed my Opnsense router MAC onto my laptop, connected to the CM, and then connected Opnsense computer to CM.
2021-05-17T18:11:45 dhclient[78122] No DHCPOFFERS received.
2021-05-17T18:11:28 dhclient[78122] DHCPDISCOVER on em0_vlan99 to 255.255.255.255 port 67 interval 17
2021-05-17T18:11:14 dhclient[78122] DHCPDISCOVER on em0_vlan99 to 255.255.255.255 port 67 interval 14
2021-05-17T18:11:01 dhclient[78122] DHCPDISCOVER on em0_vlan99 to 255.255.255.255 port 67 interval 13
2021-05-17T18:10:54 dhclient[78122] DHCPDISCOVER on em0_vlan99 to 255.255.255.255 port 67 interval 7
2021-05-17T18:10:51 dhclient[78122] DHCPDISCOVER on em0_vlan99 to 255.255.255.255 port 67 interval 3
2021-05-17T18:10:49 dhclient[78122] DHCPDISCOVER on em0_vlan99 to 255.255.255.255 port 67 interval 2
2021-05-17T18:10:48 dhclient[78122] DHCPDISCOVER on em0_vlan99 to 255.255.255.255 port 67 interval 1
2021-05-17T18:10:48 dhclient[78122] DHCPDISCOVER on em0_vlan99 to 255.255.255.255 port 67 interval 1
2021-05-17T18:10:48 dhclient[8012] Starting delete_old_states()
2021-05-17T18:10:48 dhclient[39362] Removing states through old gateway '192.168.100.1' (new gateway '')
2021-05-17T18:10:48 dhclient[12880] Comparing Routers: Old: 192.168.100.1 New:
My CM IP is 192.168.100.1; I've tried refusing leases from that IP but it didn't correct the issue.
2021-05-17T18:18:46 dhclient[52446] No DHCPOFFERS received.
2021-05-17T18:18:42 dhclient[52446] DHCPOFFER from 192.168.100.1 rejected.
2021-05-17T18:18:42 dhclient[52446] DHCPDISCOVER on em0_vlan99 to 255.255.255.255 port 67 interval 4
2021-05-17T18:18:30 dhclient[52446] DHCPOFFER from 192.168.100.1 rejected.
2021-05-17T18:18:30 dhclient[52446] DHCPDISCOVER on em0_vlan99 to 255.255.255.255 port 67 interval 12
2021-05-17T18:18:28 opnsense[63780] /widgets/widgets/dyn_dns_status.widget.php: Aborted IPv4 detection: no address for em0_vlan99
2021-05-17T18:18:17 opnsense[29828] /widgets/widgets/dyn_dns_status.widget.php: Aborted IPv4 detection: no address for em0_vlan99
2021-05-17T18:18:15 dhclient[52446] DHCPDISCOVER on em0_vlan99 to 255.255.255.255 port 67 interval 15
2021-05-17T18:18:01 dhclient[52446] DHCPDISCOVER on em0_vlan99 to 255.255.255.255 port 67 interval 14
2021-05-17T18:17:51 dhclient[52446] DHCPDISCOVER on em0_vlan99 to 255.255.255.255 port 67 interval 10
2021-05-17T18:17:47 dhclient[52446] DHCPDISCOVER on em0_vlan99 to 255.255.255.255 port 67 interval 4
2021-05-17T18:17:45 dhclient[52446] DHCPDISCOVER on em0_vlan99 to 255.255.255.255 port 67 interval 2
This is the log after I spoofed the Opnsense computer MAC on my laptop.
2021-05-17T18:27:20 dhclient[52446] DHCPACK from 98.XXX.XXX.XXX
2021-05-17T18:27:20 dhclient[52446] DHCPREQUEST on em0_vlan99 to 255.255.255.255 port 67
2021-05-17T18:27:18 dhclient[52446] DHCPOFFER from 98.XXX.XXX.XXX
2021-05-17T18:27:18 dhclient[52446] DHCPDISCOVER on em0_vlan99 to 255.255.255.255 port 67 interval 16
2021-05-17T18:27:03 dhclient[52446] DHCPDISCOVER on em0_vlan99 to 255.255.255.255 port 67 interval 15
2021-05-17T18:26:56 dhclient[52446] DHCPDISCOVER on em0_vlan99 to 255.255.255.255 port 67 interval 7
2021-05-17T18:26:49 dhclient[52446] DHCPDISCOVER on em0_vlan99 to 255.255.255.255 port 67 interval 7
2021-05-17T18:26:44 dhclient[52446] DHCPDISCOVER on em0_vlan99 to 255.255.255.255 port 67 interval 5
2021-05-17T18:26:41 dhclient[52446] DHCPDISCOVER on em0_vlan99 to 255.255.255.255 port 67 interval 3
2021-05-17T18:26:39 dhclient[52446] DHCPDISCOVER on em0_vlan99 to 255.255.255.255 port 67 interval 2
2021-05-17T18:26:37 dhclient[52446] DHCPDISCOVER on em0_vlan99 to 255.255.255.255 port 67 interval 2