Setting up Spark (NZ) UFB PPP settings

[dazz]

Hi
I am new to Opnsense, trying to connect to a Ultrafast Fibre Broadband connection by the local telco called Spark (formally Telecom).

The settings to make the connection are found here:  https://www.spark.co.nz/help/internet/set-up/non-spark-modem/.  The list of New Zealand telcos pre-configured within Opnsense includes Telecom, which hasn't existed for over 10 years.

It has been years since I have had to configure any router to connect with a telco.  I am having difficulty setting up the home WAN connection.  I have scanned through the settings and options available on the Opnsense GUI and set what I can.

Please advise how I configure Opnsense to connect to a Spark UFB.
How do I request the setup Wizard be updated for Spark?

Any assistance would be appreciated.

[pouakai]

I've been using Spark with Opnsense for quite a few years now.   

Spark uses PPPOE over VLAN 10.  Setting up a VLAN over the the WAN connection is very important.  Interfaces -- Other Types -- VLAN.  Then set up PPPOE (under point-to-point) over the VLAN.

Username and password  are not used, but Spark recommends you put 'some' value in there to keep software happy.  MTU they recommend 1500, which seems to be fine for me.  The other parameters on the Spark web page aren't important.

I'm running steadily at 300 Mbps, which is my assigned line speed.

[dazz]

Hi
OK I will give the PPPOE setup a try when I can take down the connection (working from home).

[dazz]

Hi
Not working yet.

I only have the option of changing a few settings.  These are:
PPP protocol  :  PPPoE
PPP username : user@spark.co.nz
PPP password : password
VLAN : 10
MTU : 1500

Apart from not being able to get onto the Internet, it all seems to be working perfectly 😉!  I can't ping 8.8.8.8.

If I trying pinging from the opnsense CLI, I get a message $>ping sento: Host is down.
pinging from the laptop running the GUI gets a nil response.   I am not seeing any obvious error messages.
Maybe I need to adjust the firewall rules??

All of the above settings are accessible on the opnsense GUI.  I think they should be enough to get connected.  I am probably missing something small but really important.



FYI I would rate my own skill level as intermediate, meaning I am comfortable on the CLI, writing scripts, delving into config and log files.  I am definitely not a Linux guru. 

[pouakai]

Firstly, I wouldn't be playing with the firewall rules.  The defaults should work fine.

In Lobby:Dashboard, look under Gateway.  Is there an IP address and a green light for WAN_PPPOE?
Just below Gateway is Interfaces.  Is WAN up (green arrow) and does it have an IP address?

Have a look at the log file under Interfaces --> Point-to-Point --> Log file.  Put the top right drop down box to 'debug'.
Does Interfaces --> Diagnostics --> Netstat --> Interfaces show PPPOE?

Finally, is PPPOE down and needs to be started the first time? I think this done when you save the settings.  I can't remember.

[Fuk_Baey]

HI Dazz, I would have replied in GZ but that is now too PC.


I Agree with @pouaki, leave the default rules and it should just work fine, 

you need to make sure that you are resolving a IP from the Spark Radius server, and also need to make sure you have tagged the interface with the VLAN (I still dont knwo why here in NZ they are using a VLAN on the WAN)

Also who is your LFC? is it UFF or Chorus?

On the Wan interface i would leave the MTU blank as Opnsense Should Calculate this for you.

Have you assigned the PPPoE to the interface with the VLAN? then selected the correct interface with all 3 items in the assignments tab?

We run alot of Opnsense and have alot out in the Wild, and highly rate it!! ita an awesome Appliance!

If you are in the tron i could help out if needed, Feel Free to DM Me

[dazz]

Firstly, I wouldn't be playing with the firewall rules.  The defaults should work fine.

I haven't touched any firewall rules.  They look OK to me for now.

In Lobby:Dashboard, look under Gateway.  Is there an IP address and a green light for WAN_PPPOE?

No (see screen shots)

Just below Gateway is Interfaces.  Is WAN up (green arrow) and does it have an IP address?

Yes  & No

Have a look at the log file under Interfaces --> Point-to-Point --> Log file.  Put the top right drop down box to 'debug'.
Does Interfaces --> Diagnostics --> Netstat --> Interfaces show PPPOE?

There are 2x ppoe interfaces.  The one I have configured for Spark,  and another that is automatically generated with default settings.  It is like the software isn't finding the config it needs to associate the Spark pppoe with the port.   

Finally, is PPPOE down and needs to be started the first time? I think this done when you save the settings.  I can't remember.

pppoe has been restarted multiple times.

I am not seeing any error messages indicating a fault.  I think I have incorrectly configured something, but it is not clear to me what that something is.

It appears to me that igb0 is being identified as a new (undefined) interface that needs to be associated with vlan10 or pppoe1(igb0)-spark.

I did start by associating the interfaces i.a.w the instructions, including the WAN.
My firewall  is a fanless 4x LAN PC.  igb0 is the assigned WAN port and doesn't work.  igb1 is the Red LAN port, and that works OK.

[dazz]

HI Dazz, I would have replied in GZ but that is now too PC.


I Agree with @pouaki, leave the default rules and it should just work fine, 

you need to make sure that you are resolving a IP from the Spark Radius server, and also need to make sure you have tagged the interface with the VLAN (I still dont knwo why here in NZ they are using a VLAN on the WAN)

Also who is your LFC? is it UFF or Chorus?

I am not getting an IP from Spark.
Chorus

On the Wan interface i would leave the MTU blank as Opnsense Should Calculate this for you.

Done

Have you assigned the PPPoE to the interface with the VLAN? then selected the correct interface with all 3 items in the assignments tab?

I thought I had (followed the instructions) but I think this part of the config is broken.

We run alot of Opnsense and have alot out in the Wild, and highly rate it!! ita an awesome Appliance!

If you are in the tron i could help out if needed, Feel Free to DM Me

tron ??

Thanks for the help.

[pouakai]

Hi Dazz,
I'm away in the Central North Island (Tongariro) now for the break, so I can't see my own setup for comparison. And I'm not from the Tron (aka Hamilton)  ;)
I can see you've got two PPPOE when you should have one only.  Neither of them are on the VLAN 10, which you seem to have (good).  Looks like WAN is there too.
I would delete both PPPOE and create a new one on 'VLAN 10 on igb0'.  I think after that you should be good, but let us know how it's going (or not).

[dazz]

Hi Dazz,
I'm away in the Central North Island (Tongariro) now for the break, so I can't see my own setup for comparison. And I'm not from the Tron (aka Hamilton)  ;)
I can see you've got two PPPOE when you should have one only.  Neither of them are on the VLAN 10, which you seem to have (good).  Looks like WAN is there too.
I would delete both PPPOE and create a new one on 'VLAN 10 on igb0'.  I think after that you should be good, but let us know how it's going (or not).

Hi
OK so I only created one PPPOE (the Spark one).  The other one gets created for me.  I have already tried what you said.  The unwanted PPPOE keeps coming back, so I think there is something wrong with my config that makes opnsense think the Spark PPPOE is invalid but I am not getting any error messages to tell me why a PPPOE is being created.  I probably need to be able to turn on a debug mode.

[dazz]

Hi
I have had another go at setting up a connection with Spark UFB. 
I have used this blog as a template: https://homenetworkguy.com/how-to/configure-vlans-opnsense/
It basically defined the process I had already followed, with the same results.  I am not getting a DHCP IP lease from Spark. 

Part of the problem may be the setup of the interface ip.  I need a static address assigned from my network side.  The Spark side will allocate a ip lease.    I see ambiguity related to DHCP.  Does that option consume or produce leases?  I don't see the option of receiving a IP from a DHCP server (Spark).

This has been much more difficult than it should be.  Something is wrong with my configuration, but I am not seeing info that might help me to find the problem.    I have a working knowledge of network configuration.  I know about vlans and dhcp servers etc.

Any help would be appreciated.

[Greelan]

Is this any help? https://www.geekzone.co.nz/forums.asp?forumid=39&topicid=193692

[dazz]

Hi
Thanks for taking the time to post.  Unfortunately it hasn't helped. 
I should be able to look in the log files to see why the connection is failing to connect.  When I look, the contents are corrupted and unreadable.  I haven't investigated to find out why. 

I am probably doing some small detail incorrectly.  I am not seeing anything to help me find the problem. 
I don't see anything that allows the log levels to be turned up to provide debug info.   

[pouakai]

Spark doesn't use DHCP.  Spark uses PPPOE.  When you get a successful PPPOE connection, an IP address will be assigned as part of the PPPOE negotiation.

For debugging PPPOE logs have a look at my earlier post.
 
I can see from your screenshots provided that you didn't have PPPOE on VLAN 10 then.  Also the two PPPOE interfaces is very odd.  Time to do a system reset and start over?

[dazz]

Hi
I am now getting a connection to Spark UFB.  I can see the IP and gateway on the dashboard.

I have only configured two interfaces.  Spark and a LAN.

The problem I now have is that I can't ping the Internet. (8.8.8.8).  My previous firewall software allowed me to specify a static gateway ip that was routed out to the WAN.  I had 4 ports.  WAN, Red, Orange, Blue.  Each port was on a separate subnet and each had a gateway ip. 

Right now, I can't ping from the firewall PC CLI out to the internet (keyboard and display interface) or through the LAN interface.   I can ping the Spark DNS server ip.  I can't ping the internet (8.8.8.8)   The pppoe setup allows me to enter local gateway ip but these are forgotten even after saving.