Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
ForumsLAN (ethernet/Wifi/routers/Bluetooth)Draytek Vigor 120 + PFSense Initial Config


661 posts

Ultimate Geek
+1 received by user: 12


Topic # 96843 4-Feb-2012 19:02
Send private message

Finally got the Draytek Vigor 120 and ALIX 2D13 installed.

So far I just set the modem to "PPPoE passthrough" then put my user name, password and DNS servers into PFSense. I can get onto the internet, but I'm wondering is there any other basic setup I need to do (eg firewall)?

Now I have to start reading up on advanced configuration, but I want to make sure it's secure for the time being.

PS. Novice alert. 

Create new topic
379 posts

Ultimate Geek
+1 received by user: 30

Trusted

  Reply # 577323 4-Feb-2012 19:26
Send private message

Have you got other devices that use the same IP address? Setting up NAT is a good idea.

David.





1332 posts

Uber Geek
+1 received by user: 152
Inactive user


  Reply # 577339 4-Feb-2012 20:32
Send private message

You also need to turn off the Vigor's DHCP service so it isn't trying to hand out addresses. Do this step last - configure the modem as you want it, allow it to reboot then turn off DHCP and allow it to reboot again before going back to pfSense interface.

You won't be able to access the modem directly anymore (well, you can when you have finished configuring things but that is for later) but as long as your pfSense configuration is valid you should not need to.



661 posts

Ultimate Geek
+1 received by user: 12


  Reply # 577361 4-Feb-2012 22:09
Send private message

DrCheese: Have you got other devices that use the same IP address?


The modem is 192.168.1.1 and the router is 192.168.2.1, is that right?

DrCheese: Setting up NAT is a good idea. 


How? 
1080p: You also need to turn off the Vigor's DHCP service so it isn't trying to hand out addresses. Do this step last - configure the modem as you want it, allow it to reboot then turn off DHCP and allow it to reboot again before going back to pfSense interface.

You won't be able to access the modem directly anymore (well, you can when you have finished configuring things but that is for later) but as long as your pfSense configuration is valid you should not need to.


OK, I've done that.

Can someone confirm that this was the right image I used for the ALIX and 1GB CF (using the wrong install wears out the CF card, right?) I used the highlighted:

 

And now it's auto updated it'self to 2.0.1-RELEASE (i386), that's OK?

3628 posts

Uber Geek
+1 received by user: 1347

Subscriber

  Reply # 577365 4-Feb-2012 22:16
Send private message

pfSense seems to be pretty much configured out of the box. Just put in your PPPoE details and you can start playing with it. I have it installed at home and find it great for learning how stuff works. Very powerful little program.
Can't comment on the image you used as I have it on an old PC. Zeon might be the person to tell you.

470 posts

Ultimate Geek
+1 received by user: 116

Lifetime subscriber

  Reply # 577369 4-Feb-2012 22:25
Send private message

Yes, it looks like you've installed the right version for the ALIX 2D13 and your CF card (and the fact that it is working confirms this).

The standard firewall is already enabled when you first set up pfSense, so you probably won't need to change any more settings. If you've got DHCP running and your devices can access the internet, then your NAT is probably set up as well, and again you shouldn't need to change any settings (unless you want to punch holes in the firewall for access to a web server etc).

There are a few different firewall test websites which you can use to verify that your firewall is working.



661 posts

Ultimate Geek
+1 received by user: 12


  Reply # 577629 5-Feb-2012 19:16
Send private message

I got the custom case from PC engines with the 2d13 like what's pictured below. Actually mine has two extra small holes for antenna, but apart from that there is no real ventilation. Do you it will be cool enough?


956 posts

Ultimate Geek
+1 received by user: 346
Inactive user


  Reply # 577634 5-Feb-2012 19:33
Send private message

I've been meaning to get one of those Alix boards to handle two WAN connections

What kind of cpu usage do you get under heavy wan usage?

470 posts

Ultimate Geek
+1 received by user: 116

Lifetime subscriber

  Reply # 577648 5-Feb-2012 20:17
Send private message

I have the same case on mine (except black) and haven't had any problems with overheating. There are some tests of the router throughput here.

3415 posts

Uber Geek
+1 received by user: 405

Trusted

  Reply # 577653 5-Feb-2012 20:42
Send private message

As mentioned PFsense works pretty much out of the box without needing anything special added to it.

Just a couple of things,  in regards to the IP addresses, the WAN on PFsense should be automatically assigned by the PPP session. BY the sounds of it the Draytek is not in fact configured in full bridge mode? Also you generally do not need to put the DNS details in as these come in when the PPP link is established although this may not be true for every provider.

The hardware looks pretty good, able to route up to 100mbps for standard TCP connections. Should be good for a few years until we start seeing faster connections :) but yea good for home use. 





3628 posts

Uber Geek
+1 received by user: 1347

Subscriber

  Reply # 577700 6-Feb-2012 00:17
Send private message

Zeon:

The hardware looks pretty good, able to route up to 100mbps for standard TCP connections. Should be good for a few years until we start seeing faster connections :) but yea good for home use. 


This is the only thing that puts me off getting an Alix box. I dont really want to spend a couple hundy and get 100mb whereas I spent 30 bucks and get gigabit out the LAN side (actually has 3 gigabit NICs). Is there any embedded stuff that has gigabit ports? Or do you have to start looking at the serious dollars for commercial stuff?

1332 posts

Uber Geek
+1 received by user: 152
Inactive user


  Reply # 577732 6-Feb-2012 07:50
Send private message

chevrolux:
Zeon:

The hardware looks pretty good, able to route up to 100mbps for standard TCP connections. Should be good for a few years until we start seeing faster connections :) but yea good for home use.?


This is the only thing that puts me off getting an Alix box. I dont really want to spend a couple hundy and get 100mb whereas I spent 30 bucks and get gigabit out the LAN side (actually has 3 gigabit NICs). Is there any embedded stuff that has gigabit ports? Or do you have to start looking at the serious dollars for commercial stuff?


If your switch does gigabit you won't need gigabit ports on your embedded board unless you were routing a gigabit WAN interface.

54 posts

Master Geek
+1 received by user: 2


  Reply # 577786 6-Feb-2012 10:38
Send private message

This is basically the same set up as I have at home but are not using the Vigor in bridge mode. Is there an advantage to Bridge Mode?

Cheers.

470 posts

Ultimate Geek
+1 received by user: 116

Lifetime subscriber

  Reply # 577818 6-Feb-2012 12:26
Send private message

The advantage of having the Vigor in bridge mode is that you can have a separate, more capable router control the connection and routing.

341 posts

Ultimate Geek
+1 received by user: 26

Trusted

  Reply # 577876 6-Feb-2012 16:23
Send private message

This is all you need to do on the Vigor:

Configure PPPoE/PPPoA Passthrough

Running the Vigor120 in passthrough allows the router to do all of the heavy lifting which takes some load off the little processor in the Vigor120 - which often translates to faster speeds. Plus it avoids any nasty double-NAT crap.

Create new topic

Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.