Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




91 posts

Master Geek
+1 received by user: 10


Topic # 191757 15-Feb-2016 15:21
Send private message

I am having trouble configuring my ERL for Slingshot UFB that requires PPPoE and VLAN tagging. Would appreciate your wisdom that helps me tame this beast.

 

My endeavour so far:

 

     

  • Upgraded to V1.7 firmware – working fine as I can log in and access its functions through the new web-based UI
  • Tried Andrew’s (Aredwood) config file but got error message: Upload failed

 

     

  • Tried to configured one PPPoE WAN port with two bridged LAN ports via Wizard tab: no luck – cannot log back in after reboot. I did change the ethernet cable from Eth 0 to Eth 1 after reboot. When tried to ping this ERL from my Mac, it shows inconsistently with either “host unknow” or “time-out”.

Any tip on what the next step is I may take? Am I not doing the right thing or maybe the hardware has been damaged (I did a few hard-reset during the past couple days)?

 

Apology for those rookie questions and thanks in advance for your kind support. I searched across the forum but couldn't find any instruction that I can follow.


Create new topic
Meow
7100 posts

Uber Geek
+1 received by user: 3339

Moderator
Trusted
Lifetime subscriber

  Reply # 1492758 15-Feb-2016 17:18
Send private message

Do a factory restore to start off - lets start off fresh.

 

Don't use the WAN+2LAN2 wizard - instead run the "WAN+2LAN" wizard but don't configure the 2nd port only since if you use it as a bridge you disable hardware acceleration router-wide.

 

Next, from the main screen (Dashboard) add a new VLAN interface as VLAN 10, and assign it to the ETH0 interface.

 

Delete PPPoE0 - recreate it specifying the VLAN 10 interface you just created.

 

 

 

You'll have internet at this stage however it is important to go into Firewall/NAT and set your interfaces up (PPPoE1):

 

 

Go to the Firewall Policies page and edit your rules for WAN_IN and WAN_LOCAL to specify the new PPPoE interface. Do a port scan using GRC Sheilds-UP and you should be done!







91 posts

Master Geek
+1 received by user: 10


  Reply # 1492839 15-Feb-2016 21:09
Send private message

Thanks for your instruction, Michael.

 

After you first four steps, following is what I got; does it look right to you?

 

 

When doing the 5th step (firewall), I don't seem to get what you indicated: "pppoe0" as one of the options on the dropdown box:

 

 

 

 

Any idea please? 

 

 

 

 


 
 
 
 


Meow
7100 posts

Uber Geek
+1 received by user: 3339

Moderator
Trusted
Lifetime subscriber

  Reply # 1492914 15-Feb-2016 23:06
Send private message

Oh for the firewall you need to go to "other" and type "pppoe0" - weird interface quirk there.

 

I just set up my EdgeRouter from scratch tonight (never again, my config is so complex it took me about 4 hours). I was on the ball with the whole thing except ended up manually configuring it without using the wizards. Essentially you'll plug your ONT into eth1 and plug your network into eth0 with that setup.

 

As long as you remove the pppoe0 connection and re-add it linking your "eth1.10" interface you should be set to go. I am not familiar with Slingshot UFB but that does look correct. There are easier ways to do it through the CLI however I thought I'd better instruct you through the WebUI to prevent confusion :)





Meow
7100 posts

Uber Geek
+1 received by user: 3339

Moderator
Trusted
Lifetime subscriber

  Reply # 1492915 15-Feb-2016 23:08
Send private message

For the firewall page edit your rules like so:

 

 

(ignore my top rule)







91 posts

Master Geek
+1 received by user: 10


  Reply # 1492981 16-Feb-2016 07:51
Send private message

michaelmurfy:

 

Oh for the firewall you need to go to "other" and type "pppoe0" - weird interface quirk there.

 

Thanks for the tip. This helps my confusion big time. 

 

michaelmurfy:

 

I just set up my EdgeRouter from scratch tonight (never again, my config is so complex it took me about 4 hours). I was on the ball with the whole thing except ended up manually configuring it without using the wizards. Essentially you'll plug your ONT into eth1 and plug your network into eth0 with that setup.

 

 

So if I understand it, the ERL will end up provisioning two LANs based on this configuration, right? 

 

michaelmurfy:

 

As long as you remove the pppoe0 connection and re-add it linking your "eth1.10" interface you should be set to go. I am not familiar with Slingshot UFB but that does look correct. There are easier ways to do it through the CLI however I thought I'd better instruct you through the WebUI to prevent confusion :)

 

 

I guess I overestimate what ERL's WebUI can do at this stage. Let's see if the next version will take care those know quirks. By the way, do you have recommended link if I would like to take the CLI path next time?

 

Many thanks for your help and I feel apologetic about those four hours you lost ...




91 posts

Master Geek
+1 received by user: 10


  Reply # 1494704 18-Feb-2016 10:29
Send private message

Finally it's up and running. Hooray. Some quick updates as notes to myself and for future search on this topic:

 

  • Re The error message I received (at the top of this thread) during loading Andrew's config file, this was due to the thoughtful Mac OS that automatically uncompressed his config file after download, which makes it unrecognisable to the ERL.
  • Thought ERL has three gigabit ports, it doesn't have a dedicated chip for switch work. This means port-bridging will be done by software and will have impact on its capacity and performance.
  • Based on the above, I end up having two networks available which is a bonus; not sure what to do with the 2nd one yet.
  • As I am using HG659B as my AP, the DHCP range needs to be adjusted to avoid IP conflict; HG659B is set at 192.168.1.254 by default. 

The ERL isn't the easiest to set up as some have said but I really enjoy its solid performance (and hopefully its reliability). Time will tell. Many many thanks for GZers, especially Michael @michaelmurfy and Andrew @Aredwood

 

 


1962 posts

Uber Geek
+1 received by user: 547


  Reply # 1494731 18-Feb-2016 11:03
Send private message

On 2Degrees fibre on Enable in Christchurch I found I got dodgy performance until I changed the MTU on pppoe0 to 1500 (which required changing the parent VLAN and ETH to 1508).

 

Michael, I recall you also had this in your setup - can you advise if it is still required for an optimal connection? Is this ISP specific? Want to make sure I am not giving incorrect advice to the OP.


Meow
7100 posts

Uber Geek
+1 received by user: 3339

Moderator
Trusted
Lifetime subscriber

  Reply # 1494814 18-Feb-2016 11:53
Send private message

@Paul1977 yes I've set my MTU to 1508 for everything except the PPPoE connection however changed to BigPipe today so hoping that setup still works (I think it is as my connection is up).




1 post

Wannabe Geek


  Reply # 1502499 1-Mar-2016 22:24
Send private message

Hi,

 

I have followed this thread but cant get a PPPOE connection to SNAP (2degrees). Called 2degrees and they cant see any authentication requests from PPPOE?

 

 

 

Set-up as below any pointers appreciated ( Edgerouter Lite Firmware 1.8)

 

 

 

 

Interfaces - eth0 (LAN) eth1 ( internet WAN) VLAN10 ( SNAP UFB) eth1.10   pppoe0 - parent is eth1.10

 

 

 

 

 

 

 

 

 

 

 

Config.boot

 

firewall {
all-ping enable
broadcast-ping disable
ipv6-receive-redirects disable
ipv6-src-route disable
ip-src-route disable
log-martians enable
name WAN_IN {
default-action drop
description "WAN to internal"
rule 10 {
action accept
description "Allow established/related"
log disable
protocol all
state {
established enable
related enable
}
}
rule 20 {
action drop
description "Drop invalid state"
state {
invalid enable
}
}
}
name WAN_LOCAL {
default-action drop
description "WAN to router"
rule 10 {
action accept
description "Allow established/related"
log disable
protocol all
state {
established enable
related enable
}
}
rule 20 {
action drop
description "Drop invalid state"
state {
invalid enable
}
}
}
options {
mss-clamp {
mss 1412
}
}
receive-redirects disable
send-redirects enable
source-validation disable
syn-cookies enable
}
interfaces {
ethernet eth0 {
address 192.168.1.1/24
description Local
duplex auto
speed auto
}
ethernet eth1 {
description "Internet (PPPoE)"
duplex auto
speed auto
vif 10 {
description "SNAP UFB"
ip {
}
pppoe 0 {
default-route auto
firewall {
in {
name WAN_IN
}
local {
name WAN_LOCAL
}
}
mtu 1492
name-server auto
password xxxxxxxx
user-id xxxxxxx@snap.net.nz
}
}
}
ethernet eth2 {
address 192.168.2.1/24
description "Local 2"
duplex auto
speed auto
}
loopback lo {
}
}
port-forward {
auto-firewall enable
hairpin-nat enable
lan-interface eth1
wan-interface pppoe0
}
service {
dhcp-server {
disabled false
hostfile-update disable
shared-network-name LAN1 {
authoritative disable
subnet 192.168.1.0/24 {
default-router 192.168.1.1
dns-server 192.168.1.1
lease 86400
start 192.168.1.21 {
stop 192.168.1.240
}
}
}
shared-network-name LAN2 {
authoritative disable
subnet 192.168.2.0/24 {
default-router 192.168.2.1
dns-server 192.168.2.1
lease 86400
start 192.168.2.21 {
stop 192.168.2.240
}
}
}
}
dns {
forwarding {
cache-size 150
listen-on eth0
listen-on eth2
}
}
gui {
https-port 443
}
nat {
rule 5010 {
outbound-interface pppoe0
type masquerade
}
}
ssh {
port 22
protocol-version v2
}
}
system {
host-name ubnt
login {
user ubnt {
authentication {
encrypted-password $1$zKNoUbAo$gomzUbYvgyUMcD436Wo66.
}
level admin
}
}
ntp {
server 0.ubnt.pool.ntp.org {
}
server 1.ubnt.pool.ntp.org {
}
server 2.ubnt.pool.ntp.org {
}
server 3.ubnt.pool.ntp.org {
}
}
syslog {
global {
facility all {
level notice
}
facility protocols {
level debug
}
}
}
time-zone UTC
}

 


/* Warning: Do not remove the following line. */
/* === vyatta-config-version: "config-management@1:conntrack@1:cron@1:dhcp-relay@1:dhcp-server@4:firewall@5:ipsec@5:nat@3:qos@1:quagga@2:system@4:ubnt-pptp@1:ubnt-util@1:vrrp@1:webgui@1:webproxy@1:zone-policy@1" === */
/* Release version: v1.8.0.4853089.160219.1607 */


Meow
7100 posts

Uber Geek
+1 received by user: 3339

Moderator
Trusted
Lifetime subscriber

  Reply # 1502510 1-Mar-2016 22:44
Send private message

I can see your PPPoE / VLAN interfaces are not linked - here is mine. Also note I use a MTU of 1508 on all interfaces except the PPPoE interface (which is 1500) and my WAN interface is set to eth0: 

 

interfaces {

 

ethernet eth0 {

 

description Internet

 

duplex auto

 

mtu 1508

 

speed auto

 

vif 10 {

 

description "BigPipe VLAN"

 

mtu 1508

 

pppoe 0 {

 

default-route auto

 

firewall {

 

in {

 

name WAN_IN

 

}

 

local {

 

name WAN_LOCAL

 

}

 

}

 

mtu 1500

 

name-server auto

 

password yourpasswordhere

 

user-id user@isp.co.nz

 

}

 

}

 

}




170 posts

Master Geek
+1 received by user: 18


  Reply # 1562501 30-May-2016 17:30
Send private message

Very helpful thread.

 

I'd been struggling to get my Port Forwards working correctly. I'd wondered if the WAN should be set to pppoe0 instead of eth0, but I'd found that wasn't in the list of options in the GUI. However looking at this thread confirmed that was indeed my problem, and how to fix it. Select "other" and then type in "pppoe0".

 

With that simple change done, everything is now correctly working here now with Port Forwards and Auto-Firewall rules..... all thanks to this thread.

 

Thanks

 

Mike


2 posts

Wannabe Geek


  Reply # 1569447 10-Jun-2016 14:33
Send private message

Hey guys. 

 

My EdgeRouter Lite is running the v1.8.0 firmware. It seems that in order to make PPPoE and VLANs work with later iterations of the firmware you have to set it up a little differently: 

 

First add a VLAN (VID of 10) to your WAN interface (in my case eth1 as I used the WAN+2LAN setup wizard) 

 

Secondly, add a PPPoE interface and select the same interface that you did for the VLAN (eth1). 

 

Thirdly, setup the WAN interface under Port Forwarding, and the Firewall Policies as Michael described earlier in this thread. 

 

You should now be good to go!

 

I hope this helps if anyone is stuck! 

 

 


2 posts

Wannabe Geek


  Reply # 1570398 12-Jun-2016 12:05
Send private message

Please disregard my last reply, it turns out my ISP (BigPipe) is not using VLAN tagging on (at least some) of their UFB plans now! Just PPPoE.

 

Makes the setup in the EdgeRouter Lite a lot easier. If you have a provider which uses PPPoE and VLANs still, disregard what I wrote and follow Michael's steps.

 

Be aware that some of the BigPipe guides still show VLANs being used. 

 

Thanks guys!


Meow
7100 posts

Uber Geek
+1 received by user: 3339

Moderator
Trusted
Lifetime subscriber

  Reply # 1570462 12-Jun-2016 14:02
Send private message
182 posts

Master Geek
+1 received by user: 13

Subscriber

  Reply # 1573400 15-Jun-2016 14:24
Send private message

 Hi Michael and others,

 

So I reset my ERL  and reconfigured it for Bigpipe (just regular, no VLAN10) last night using the WAN+2LAN option, and using the PPPOE option in the wizard. WAN is ETH1; LAN is ETH0; PPPOE is configured over PPPOE0

 

Then, when I was trying to get my two raspberry pi DNS servers up and running, I ran into some trouble:

 

1. SSH logins have suddenly slowed down to a snail's pace - I understand a leading cause of this is the inability for my Mac to run reverse DNS lookups

 

2. I can no longer do any nslookups on my mac

 

3. When I set my raspberry pis as the DNS servers, and turn off the DNS forwarding in the ERL, DNS doesn't work.

 

All of these issues lead me to believe that there are some firewall/port forwarding settings that seem to be wrong.

 

 

 

I went to the Port Forwarding part of the config, and have set the WAN interface as pppoe0 and LAN as eth0. But that didn't seem to help.

 

 

 

Any thoughts? I can paste my config, but thought I'd try the easy way first rather than to have to subject you all to a long piece of code.


Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Fujifilm X beats its best with new top of the range, high-performance camera
Posted 24-Feb-2018 14:05


One million kiwis affected by cybercrime
Posted 24-Feb-2018 13:58


New Zealanders want to engage with government online and via mobile apps
Posted 24-Feb-2018 13:56


Samsung launches Samsung Max
Posted 24-Feb-2018 13:52


CPTPP text and National Interest Analysis released for public scrutiny
Posted 21-Feb-2018 19:43


Foodstuffs to trial digitised shopping trolleys
Posted 21-Feb-2018 18:27


2018: The year of zero-login, smart cars & the biometrics of things
Posted 21-Feb-2018 18:25


Intel reimagines data centre storage with new 3D NAND SSDs
Posted 16-Feb-2018 15:21


Ground-breaking business programme begins in Hamilton
Posted 16-Feb-2018 10:18


Government to continue search for first Chief Technology Officer
Posted 12-Feb-2018 20:30


Time to take Appleā€™s iPad Pro seriously
Posted 12-Feb-2018 16:54


New Fujifilm X-A5 brings selfie features to mirrorless camera
Posted 9-Feb-2018 09:12


D-Link ANZ expands connected smart home with new HD Wi-Fi cameras
Posted 9-Feb-2018 09:01


Dragon Professional for Mac V6: Near perfect dictation
Posted 9-Feb-2018 08:26


OPPO announces R11s with claims to be the picture perfect smartphone
Posted 2-Feb-2018 13:28



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.