still trying to see internet - need advice

[knowone]

Our facility has a spectum modem wtih the following configuration.
ARRIS Router
Host Name: ARRISGW
Routing Enabled
Wireless Disabled
Firewall IPSec Pass Through Enabled
Firewall PPTP Pass Through Enabled
Firewall L2tp Pass Through Enabled
LAN Settings
IP Address: 192.168.1.1
Subnet Mask 255.255.255.0
Enable DHCP server
Start IP Address 192.168.1.2
Ending IP Address 192.168.1.254
NAT Mode Route With NAT
UPNP Enabled
WAN Static Settings (You will not be able to see these from 192.168.1.1 browser)
Static Gateway IP 70.63.227.237
Static Useable IP 70.63.227.238
Static Subnet 255.255.255.252
Static DNS1 24.25.5.60
Static DNS2 24.25.5.61
WAN setup
DHCP enabled
IP Address 172.72.192.11
Subnet Mask 255.255.248.0
Gateway Address 172.72.192.1
Dynamic (IPV6)
DHCP Enabled
IP Address V6 2606:A000:DFC0:0:3010:EB7E:EFD0:EA06
Delegated Prefix 2606:A000:C1C6:ED00::
Delegate Prefix Length 56
IPV6 Gateway Address FE80::217:10FF:FE95:8A97

Called spectrum to change to bridged mode and no nat
set WAN on opnsense to:
ip 70.63.227.237, gateway 70.63.227.237, bit cont to 30 (225.225.225.252)
did not turn on dhcp
set LAN to 192.168.1.1, bit 24 (255.255.255.0)
range 192.168.1.2 to 192.168.1.254
set wan gateway as 70.63.227.237, allowed it to be name server
Spectrum can see my connected router but i can not get out to the internet.
had to set it back to dhcp with nat routing so others can still get out to internet.
What am I doing wrong?

[banym]

Hi,

i don't know spectrum but here some thoughts while reading your configuration.

When I had to use bridge modem, I got the address on WAN side assigned via DHCP.
What happens when you trie to set WAN to DHCP for IPv4 and IPv6?

On the IPv6 configuration, your IPV6 gateway has a local address, thats probably no correct. Lots of providers do things different but if you have a IPv6 address from official range, a gateway in local F80 range makes no sense to me.

Later you wrote you did set IPv4 both address and gateway to the same addresss, that makes not sense to me.

[knowone]

i have a static ip for wan.70.63.227.238 and gateway of 70.63.227.337
mask of 255.255.255.252 /30
all my lan is on 192.186.1.x
I set lan to handle dhcp and wan to handle name servers
i want lan computers to talk out to internet
What configuration do you suggest using?
At this point i do not want to configure anything else until i can prove i can get to the internet.

[banym]

This should work in a basic configuration. 

Define the IPs, turn off IPv6 if you don't want to use it.
Define your Gateway.

Check that the rules are correct to allow LAN to "ANY" if wanted.

First things you should debug is, if your firewall can ping the gateway from the WAN interface. If it can, you can try to reach out for example to 8.8.8.8 If that works, you're connected.
Then check if name resolution works for your firewall. If that works, everything should be fine and test if a client can access the internet.

Your clients need to have the firewall as default gw and then it should work.

Regards,

Dominik

[knowone]

Thank you. when you say clients should have firewall default gateway do you mean the 192.168.1.1?

[knowone]

i turned off dhcp on modem and NAT
i set opnsense to 192.168.1.254 with start of 192.168.1.2 and end of 192.168.1.254
i am able to ping anything inside the network.
i am also able to ping the modem at 70.63.227.238 (usable)
i cannot ping 70.63.227.237 (the gateway)
i cannot ping or dns 8.8.8.8
i cannot ping DNS servers at 209.18.47.61 and .62

[banym]

On WAN side you have a private network, too? If so, have you disabled the block rfc1980 and bogon network checkboxes on WAN interface side?

Maybe can you draw a diagram with all ips and interface ips to make it more clear to me what ip is assigned to what interface. you can use draw.io or similar sites.