WAN PPPOE ROUTING

Started by mrjay84, March 20, 2023, 08:23:18 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
March 20, 2023, 08:23:18 PM
Hello Gents


I've recent moved over from a Virgin Media cable connection, which was connected via DHCP, to a fibre connection directly connected to the ONT.

The issue is I can't seem to port forward at all from this PPPOE connection despite changing the forward rules to reflect the new connection.

I'm obviously missing something simple here, any ideas chaps?
March 20, 2023, 08:50:18 PM #1
The type of WAN connection doesn't matter to the firewall rules. They work on interfaces. So probably something else in play. Unless you created some sort of aliases that changed with the isp change.
Perhaps if you show/explain your port forward rule? Verify you have a successful WAN IP (public) too would help.
Also, is there a public DNS in play, that needs to update to your new WAN public IP?
It's a bit too high level at the moment :)
March 20, 2023, 09:18:25 PM #2 Last Edit: March 20, 2023, 09:28:06 PM by mrjay84
No aliases created

I have both WAN IP both v4 and v6, although the WAN v4 IP on OPNsense is different to the actual public IP.

I'm using Cloudflare DNS updated with the correct public using a CF-DDNS container on unraid.

Using NLSlookup the Public IP is listed when looking up my domain.

The ISP has confirmed port 443 and 80 are not blocked.

The exact same forwarding rules work fine on the cable connection.

Screenshot attached. GIGANET is the WAN connection.

March 20, 2023, 10:00:45 PM #3
QuoteWAN v4 IP on OPNsense is different to the actual public IP

I'd look into that!
March 20, 2023, 10:02:30 PM #4
Shouldn't the public ip on OPN be the one on the WAN? That's all I can think of being a problem if it was working before. The ONT won't have one, it's only terminating the fiber into an ethernet connection, and OPN is requesting an IP from the ISP.
Maybe a packet capture will give clues otherwise.
March 20, 2023, 10:21:37 PM #5 Last Edit: March 20, 2023, 10:49:16 PM by mrjay84
The ISP apparently uses CG-NAT hence the different IP.

EDIT: I think I may have answered my own question there. I'll phone them first thing in the morning and ask for a public or static IP.
March 21, 2023, 12:10:33 AM #6
Quote from: opnsense-user123 on March 20, 2023, 10:00:45 PM
QuoteWAN v4 IP on OPNsense is different to the actual public IP

I'd look into that!

That was the ticket! CGNAT
Print
Go Up Pages1
User actions