Pfsense with WISP

G

getafix33

Expert Member
Joined
Nov 16, 2006
Messages
1,803
Reaction score
84
Hi

I have a WISP internet connection and would like to implement Pfsense.

Correct me if m wrong but would i have double nat’ing. I asked my provider if my pfsense could establish the ppoe connection and he said he could put my AP in flat mode. Not sure what that means .

Any ideas how I could get this to work?

Regards
 
Thanks for the reply.

The IP address of my AP (Litebeam Gen2) is 192.168.1.1

In the WAN config of Pfsense do I set the interface as static and give it say 192.168.1.2?
 
Apart from the wifi dish on your roof, what kind of hardware is supplied by your WISP?
 
Is there a PPPOE connection on the WAN port of the Litebeam?

Who is the WISP?
 
portcullis said:
Is there a PPPOE connection on the WAN port of the Litebeam?

Who is the WISP?
Click to expand...

I think it’s setup as a ptp connection. Basically connects to a high site and then to the net.

Wesleywalker technologies.
 
Ask Wesley to reconfigure your radio to run as a wireless bridge with an internal IP address on his network and to give you the PPPOE details for your account. Then put the PPPOE onto the WAN of your pfSense box.

Before you commission the pfSense box, have a look at OPNsense...

We have many of those specific Ubiquiti radios attached to micropops. None of then run PPPOE / have public IP addresses for the following reasons.

  • Firstly, the little processors on those radios aren't exactly high end ARMs. The radios struggle, even when the connection is 20Mb.
  • More importantly, we've found that undesireables are attracted to Ubiquiti devices with public IP addresses like moths to flames. We therefore have a policy where all the Ubiquiti devices have 192.168 addresses and run as dumb bridges, with proper routers or firewalls doing the work behind them.
It's all well and fine for a WISP to pop these radios up with a PPPOE and save quite a lot of money in the process, but those savings are wiped out as soon as your techs have to visit a couple of thousand homes and businesses to reprogram the radios after a worm gets into one and burrows through the network, infection one radio after another.

https://www.symantec.com/connect/blogs/thousands-ubiquiti-airos-routers-hit-worm-attacks

Even today, there are radios in the wild that haven't been patched.
 
portcullis said:
Ask Wesley to reconfigure your radio to run as a wireless bridge with an internal IP address on his network and to give you the PPPOE details for your account. Then put the PPPOE onto the WAN of your pfSense box.

Before you commission the pfSense box, have a look at OPNsense...

We have many of those specific Ubiquiti radios attached to micropops. None of then run PPPOE / have public IP addresses for the following reasons.

  • Firstly, the little processors on those radios aren't exactly high end ARMs. The radios struggle, even when the connection is 20Mb.
  • More importantly, we've found that undesireables are attracted to Ubiquiti devices with public IP addresses like moths to flames. We therefore have a policy where all the Ubiquiti devices have 192.168 addresses and run as dumb bridges, with proper routers or firewalls doing the work behind them.
It's all well and fine for a WISP to pop these radios up with a PPPOE and save quite a lot of money in the process, but those savings are wiped out as soon as your techs have to visit a couple of thousand homes and businesses to reprogram the radios after a worm gets into one and burrows through the network, infection one radio after another.

https://www.symantec.com/connect/blogs/thousands-ubiquiti-airos-routers-hit-worm-attacks

Even today, there are radios in the wild that haven't been patched.
Click to expand...


Thanks mate.......

I have asked Wesley to do exactly that.

Regards
 
Update, I have the PPPoE settings entered into Pfsense and receive an external IP, however i cannot get on to the net.
DHCP is setup and handing out address'

Everything else is set to default.

Any ideas what the issue could be?

Regards
 
Do you have a rule to NAT your traffic from your internal network out over the PPPPOE interface?
 
I dont have and suspected that to be the issue. Under NAT do i configure 1:1 or Outbound?
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X