The RB4011 pppoe client connect fine via eth0
Issue I’m having is how to extend the eth0 leg into vlan 35 to let pfsense initiate it’s own session. Doing multiple sessions on the rb4011 is not a viable scenario for various reasons.
If I disable vlan filtering on the rb4011 bridge, add eth0 to the bridge and configure the rb4011 pppoe client to use the bridge interface I can connect sucessfully, other pppoe sessions can be initiated from within 192.168.10.0. If I enable vlan filtering on the bridge I can no longer get my pppoe(bridge) interface to connect. I'm also no longer able to initiate from the local lan.
now I've over simplified the diagram to leave the pertinent stuff.
I seem to be having some challenges grasping exactly how the new vlan filtering works. I have no struggle on the cisco side.
any help would greatly be appreciated.
thanks
pppoe vlan filtering internal network
You do not have the required permissions to view the files attached to this post.
Re: pppoe vlan filtering internal network
I've a similar setup working on a RBD52G ... it should work on RB4011 as well. It goes like this:
In English (for @anav et.al.): add the WAN physical interface (eth0 on the chart) to the common bridge as access (untagged) port for VLAN VID=35. Add VLAN VID=35 to the list of passed VLANs over trunk port (eth7) towards LAN (Cisco) and to the bridge-accessed VLANs as well. Create appropriate VLAN interface on bridge and configure PPPoE client to run on just created VLAN interface.
Code: Select all
/interface vlan
add interface=bridge name=vlan-35 vlan-id=35
/interface pppoe-client
add add-default-route=yes disabled=no interface=vlan-35 user=<USERNAME> password=<PASSWORD> name=pppoe1-out
/interface bridge port
# the below assumes you're only getting untagged PPPoE frames through WAN physical interface (eth0).
# If your ISP is offering some other service over tagged VLAN (i.e. VoIP, IPTV, ...), you'll have to omit
# "frame-types=admit-only-untagged-and-priority-tagged" from the definition and add appropriate VLAN config
# elsewhere.
add bridge=bridge ingress-filtering=yes frame-types=admit-only-untagged-and-priority-tagged interface=eth0 pvid=35
/interface bridge vlan
add bridge=bridge tagged=bridge,eth7 untagged=eth0 vlan-ids=35
In English (for @anav et.al.): add the WAN physical interface (eth0 on the chart) to the common bridge as access (untagged) port for VLAN VID=35. Add VLAN VID=35 to the list of passed VLANs over trunk port (eth7) towards LAN (Cisco) and to the bridge-accessed VLANs as well. Create appropriate VLAN interface on bridge and configure PPPoE client to run on just created VLAN interface.