1
General Discussion / Using opnsense for IP passthrough
« on: March 10, 2024, 12:35:14 am »
Hi,
I am fairly new to opnsense so apologies if this might be a simple configuration that I can't seem to get my head around. I have tried looking for similar topics on forums for both opnsense and pfsense but haven't found a similar example.
The background to this is I already have a peplink as my edge router and have been using that for a while with no issues, recently I upgraded my internet from cable to fibre and my isp proveded a nokia ONT with a tp-link deco as a router, they use pppoe for my wan connection.
Now my ISP allows me to use my own router to establish pppoe, but I have run into a hw limitation issue with my peplink that limits my speed to about 100mbps (actual speed is 500mbps), this seems to be due to the processor not being able to keep up with the pppoe overhead.
if I use the deco to establish pppoe, speeds are fine, but I'm double NATed which also is a no go and the tp-link deco basically has almost no configuration capabilities so IP passthrough from it is also a no go.
Enter opnsense, I have spun up a vm and tested the pppoe connection through it and I get the proper speeds, but at this time, it will be too much work to convert all of my peplink configurations to opnsense and use that as my primary, so here is what I want to do, I have attached 3 interfaces to the opnsense vm, 1 is purely for management and gets an IP on my mgmt vlan. The other 2 interfaes on the vm are actually a 1:1 virtual to physical nic (not pcie pasthrough, just a vswitch with only one virtual network on it attached to a specific physical nic) I want to do an IP passthrough or some sort of bridged connection from the wan port on the opnsense which is connected directly to the ONT and the third interface which would connect to my peplink wan port. I essentially want opnsense to handle my pppoe but passthrogh the wan to my peplink without double nating.
I am trying to understand how opnsense is configured more and more but I have not been able to find anything relevant to what I'm trying to accomplish, any insight would be greatly appreciated.
I am fairly new to opnsense so apologies if this might be a simple configuration that I can't seem to get my head around. I have tried looking for similar topics on forums for both opnsense and pfsense but haven't found a similar example.
The background to this is I already have a peplink as my edge router and have been using that for a while with no issues, recently I upgraded my internet from cable to fibre and my isp proveded a nokia ONT with a tp-link deco as a router, they use pppoe for my wan connection.
Now my ISP allows me to use my own router to establish pppoe, but I have run into a hw limitation issue with my peplink that limits my speed to about 100mbps (actual speed is 500mbps), this seems to be due to the processor not being able to keep up with the pppoe overhead.
if I use the deco to establish pppoe, speeds are fine, but I'm double NATed which also is a no go and the tp-link deco basically has almost no configuration capabilities so IP passthrough from it is also a no go.
Enter opnsense, I have spun up a vm and tested the pppoe connection through it and I get the proper speeds, but at this time, it will be too much work to convert all of my peplink configurations to opnsense and use that as my primary, so here is what I want to do, I have attached 3 interfaces to the opnsense vm, 1 is purely for management and gets an IP on my mgmt vlan. The other 2 interfaes on the vm are actually a 1:1 virtual to physical nic (not pcie pasthrough, just a vswitch with only one virtual network on it attached to a specific physical nic) I want to do an IP passthrough or some sort of bridged connection from the wan port on the opnsense which is connected directly to the ONT and the third interface which would connect to my peplink wan port. I essentially want opnsense to handle my pppoe but passthrogh the wan to my peplink without double nating.
I am trying to understand how opnsense is configured more and more but I have not been able to find anything relevant to what I'm trying to accomplish, any insight would be greatly appreciated.