Marconi in Route and Bridge mode simultaneously

F

firewall

Well-Known Member
Joined
Jul 24, 2006
Messages
183
Reaction score
0
Hi

I have been trying for days now to get this working.

We have a small network at work. Our ADSL line is connected to a Telkom Marconi router (4 ethernet port switch) and set up in route mode.

I recently installed Ubuntu on a new box for personal use at work. Our ADSL ISP account is getting threateningly close to the cap every month, which is why I would like to get another Openweb account for personal use to be used on the work's existing line. I initially thought that I could simply dial another PPPoE account from by new box, but as most of you probably can tell me, the Telkom router simply does not want to dial a PPPoE connection from a PC when its Pvc0 is already in Route (PPPoE) mode.

So here are the questions:
1) Is it at all possible to use the Marconi router to dial a PPPoE connection as well without changing to bridge mode. Security is paramount here, and the firewall physically isolating us from the ADSL side is nice.

2) If I were to change the setup to use PPPoE, what would the security implications be. What bothers me is that the Marconi router has the public side on its WAN (ADSL) port and our network on the other at current. After changing it, does it mean that our private network might be at all publicly accessible?

Thanks
Firewall
 
1) Is it at all possible to use the Marconi router to dial a PPPoE connection as well without changing to bridge mode. Security is paramount here, and the firewall physically isolating us from the ADSL side is nice.
Click to expand...

No, the router has to be in bridge mode for two pppoe connections or more.

2) If I were to change the setup to use PPPoE, what would the security implications be. What bothers me is that the Marconi router has the public side on its WAN (ADSL) port and our network on the other at current. After changing it, does it mean that our private network might be at all publicly accessible?
Click to expand...

I don't know what the security implications will be, I use pppoe on a home network and I haven't found any. Just make sure how you configure the router, the best is to leave most default settings in place, read up about NAT and turn on all the firewall options.

I'm not that good with networking, but I hope something I said helped.


If you are looking to add another internet account, check out "route sentry"
http://antibody.za.net/extras/routesentry.php

made by local forumite ant1body :)
 
Thanks teraside

If you dial a PPPoE connection from a PC (meaning the Marconi is in bridge mode), doesn't it bypass the marconi modem's firewall and NAT system?
 
I'm not sure, I've setup my router(the same as yours) so that the Ethernet controllers (NIC's) have a static IP, I added both pc's IP's to the NAT configuration and I still have to forward ports when using p2p applications, so logic says if I need to do port forwarding the router does it's job. Also I can't ping external adresses if ICMP is activated in the firewall.
 
My experience has been slightly dufferent. I have my router in bridged mode and always dial up my connections from my computer. When I went to my friends house, I used my dial up that I use for the brigded connection and it worked. His normal mode also still worked. Seen this with two Marconi routers. Note that what I mean is not that you can set the router to dial two connections at once. But the router can be set up to be in normal and bridged mode symaltaniously.

To really find out, try it.
 
Last edited:
With marconi routers you can have it in PPPoE routing mode with bridge support at the same time.

If you dial a PPPoE connection from one of the computers on the network you will totally bypass the Firewall on the router.
 
firewall said:
Thanks teraside

If you dial a PPPoE connection from a PC (meaning the Marconi is in bridge mode), doesn't it bypass the marconi modem's firewall and NAT system?
Click to expand...

That is affirmative... all firewall and port settings are thus controlled by the computer... marconi routers are able to dial and connection via PPPoE as well as route one.. just leave bridge enabled and encapsulation set to PPPoE LLC and you shouldnt have a prob. Some marconi routers tho have been known not to do this tho, needs a firmware update...
 
Surv0 said:
That is affirmative... all firewall and port settings are thus controlled by the computer... marconi routers are able to dial and connection via PPPoE as well as route one.. just leave bridge enabled and encapsulation set to PPPoE LLC and you shouldnt have a prob. Some marconi routers tho have been known not to do this tho, needs a firmware update...
Click to expand...

Just to clarify, the white 4port "ADSL Router Broadband", black 4 port "ADSL Router Broadband" and the Ugly little box WiFi routers should all do it without a problem. The old 1 ports don't AFAIK and the old 4 beige ports require a firmware update. Not sure about the others.
 
Thinking about it actually, if you had to use it through a switch, it would make sense to be able to bridge and route at the same time, but if its just used on a homenet which most single port routers are used on, it wouldnt make sense to be able to use bridge and route at the same time. because if you use bridge through it, any body connected to ur computer would just be able to piggy back ur connection.
 
Surv0 said:
Thinking about it actually, if you had to use it through a switch, it would make sense to be able to bridge and route at the same time, but if its just used on a homenet which most single port routers are used on, it wouldnt make sense to be able to use bridge and route at the same time. because if you use bridge through it, any body connected to ur computer would just be able to piggy back ur connection.
Click to expand...

But then again, anyone with a Telkom 1 port should probably replace it with a real ADSL router anyway, can you beleive I've actually seen a performance increase when replacing one of them :D
 
Thanks guys, but I still can't get it working.

This is the exact model of the router:
http://www.marconisa.co.za/4portsadsl.htm

Its firmware status is as follows:
Firmware Version: CX82xxx_4.1.0.9
Customer Software Version: 4.1.0.9_F2_MAR_03

The firmware might be old. Where/how can I get an update?

Currently it is configured as follows:

Pvc0
Virtual Circuit - Enabled
Bridge - Disabled
IGMP - Disabled
Encapsulation - PPPoE LLC
Username and password of default account entered.

Pvc1
Virtual Circuit - Enabled
Bridge - Enabled
IGMP - Disabled
Encapsulation - 1483 Bridged IP LLC
Username and password left blank

PPP is set up to automatically "dial" the Pvc0 interface and works fine.

When I set up a PPPoE connection from my PC, or any PC on the network I receive Error 678. Basically saying that the remote computer is not responding. I tried enter the details on the router itself on Pvc1 (leaving Pvc1 intact) and using the PPP page to connect Pvc1. It tries for a few seconds and then replies: Connect FAILED

I am using the Telkom guest account (guest1@telkomadsl; guest1) just to test this with. If anyone has any suggestions, please don't hesitate.
 
Great!! Got it to work. Missed the crucial piece of advice in Surv0's post:
"just leave bridge enabled and encapsulation set to PPPoE LLC and you shouldnt have a prob"

Thanks Surv0. I had trouble getting it to work since changing the mode on Pvc0 (the routed interface) causes the router to crash while trying to save and reboot. After fiddling about and changing each setting one at a time and then saving and rebooting, I managed to get it to save the details.

In short, our default connection is routed by the Marconi, and I can dial a second PPPoE connection from any PC on the network. Just in case anyone is wondering the setup is as follows now:

Pvc0
Virtual Circuit - Enabled
Bridge - Enabled (!!!! Without this, it seems you cannot dial a PPPoE connection from a PC)
IGMP - Disabled
Encapsulation - PPPoE LLC
Username and password of default account entered.

Pvc1
Virtual Circuit - Enabled
Bridge - Enabled
IGMP - Disabled
Encapsulation - 1483 Bridged IP LLC
Username and password left blank


Now, if anyone knows, what are the security risks on our private network of dialing another connection?

I am considering using my netgear wireless router to dial the PPPoE connection on its wan port and then reconnecting its lan side to the rest of the network. This way I only have to change the gateway of any PC which wants to use the second ADSL (dialed PPPoE) account. If you suspect there are any security risks to consider, please reply.
 
Thanks for all the help guys. You guys replied so quickly, I didn't even notice the posts before my last one. It all boils down the router crashing every time I tried switching Pvc0 to bridge=enabled making me think that it just couldn't do that.

I'm still out on the security issue though.
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X