PfSense + ubiquity

Donald Mac McCarthy mac at oscontext.com
Mon May 4 08:36:51 MST 2020 

Will Cox allow for a bridge/virtual bridge mode? Xfinity does, which
allows you to put in a firewall, and use the modem only as a gateway,
therefore preventing a double NAT situation. Never lived in a Cox area
before, and currently ride CL fiber.

Mac

Michael Butash via PLUG-discuss wrote on 5/3/20 2:00 PM:
> Cox modems will learn and allow only 1 mac at a time (unless business
> is set to allow more, but not on residential).  If switching out
> firewalls, I 99% of time reboot the modem first and foremost.
>
> -mb
>
> On Sun, May 3, 2020 at 12:08 PM Snyder, Alexander J via PLUG-discuss
> <plug-discuss at lists.phxlinux.org
> <mailto:plug-discuss at lists.phxlinux.org>> wrote:
>
>     I got it working. 
>
>     I assigned the SFP+ port as my LAN and assigned it the 10.x.x.x/16
>     network. Then I had to call COX and list the WAN Mac address with
>     them. Upon doing so I was able to reach external sites, and all
>     downstream devices started coming alive!
>
>     Thanks for all the suggestions and help!
>
>     Thanks,
>     Alexander
>
>     Sent from my Galaxy S10+
>
>     On Sun, May 3, 2020, 03:14 Herminio Hernandez, Jr. via
>     PLUG-discuss <plug-discuss at lists.phxlinux.org
>     <mailto:plug-discuss at lists.phxlinux.org>> wrote:
>
>         Can you  login to the FW via the LAN interface? Can you  ping
>         the FW LAN interface? Check the routing and NAT policy on the
>         FW. All outbound traffic should NAT to the FW WAN interface
>         and there should be a default (0.0.0.0/0 <http://0.0.0.0/0>)
>         route to the internet.
>
>         On Sat, May 2, 2020 at 7:27 PM Seabass via PLUG-discuss
>         <plug-discuss at lists.phxlinux.org
>         <mailto:plug-discuss at lists.phxlinux.org>> wrote:
>
>             I'm with Mac, I think it is not the firewall, but if you
>             have the ability to plug it into a display with a
>             keyboard, you can use that for configuration and modify a
>             different device at the same time.
>
>             Makes it easier to troubleshoot by giving you the ability
>             to configure your pfSense ports at the same time.
>>
>>
>>             Message: 2
>>             Date: Sat, 2 May 2020 09:04:35 -0700
>>             From: Donald Mac McCarthy <mac at oscontext.com
>>             <mailto:mac at oscontext.com>>
>>             To: "Snyder, Alexander J via PLUG-discuss"
>>             <plug-discuss at lists.phxlinux.org
>>             <mailto:plug-discuss at lists.phxlinux.org>>
>>             Subject: Re: pfSense + Ubiquity
>>             Message-ID:
>>             <18adfa38-3e72-7b0a-e31a-1ddf175d717f at oscontext.com
>>             <mailto:18adfa38-3e72-7b0a-e31a-1ddf175d717f at oscontext.com>>
>>             Content-Type: text/plain; charset="utf-8"
>>
>>             I can help - but I am unavailable to do so until tomorrow.
>>
>>             Make sure there are not any thing other than default
>>             VLANs on the
>>             interfaces to start with. Ubiquiti is famous for not
>>             havinght eSFP+
>>             ports active in the default configuration, and I believe
>>             the switch has
>>             all the ports to shutdown on default config as well.
>>
>>             I think it is the switch not passing traffic through - no
>>             the firewall.
>>
>>             Mac
>>             Snyder, Alexander J via PLUG-discuss wrote on 5/2/20 8:53 AM:
>>             > Does anyone out there have experience with pfSence and
>>             Ubiquity switches?
>>             >
>>             > I have zero with either but that didn't stop me from
>>             buying both ....
>>             > how hard could it be?! LOL.
>>             >
>>             > I bought a Negate XG-1537-1U. I bought a Unifi Pro 24
>>             PoE switch.
>>             >
>>             > I can configure the FW immediately after
>>             > firstboot/restore-default-configs, but only if i set
>>             the LAN interface
>>             > to be the cable that goes directly to my laptop. That's
>>             great, but
>>             > that does shit for the downstream switch.
>>             >
>>             > I have a 10GB SFP+ Port that I want to configure as the
>>             downstream
>>             > port to ubiquity, but any configuration other than
>>             mentioned above
>>             > fails .... and I'm now on my 12th "Reset To Factory
>>             Defaults" ... any
>>             > help on this would be greatly appreciated!
>>             >
>>             > Thanks,
>>             > Alexander
>>             >
>>             > Sent from my Galaxy S10+
>>             >
>>             >
>>             > ---------------------------------------------------
>>             > PLUG-discuss mailing list -
>>             PLUG-discuss at lists.phxlinux.org
>>             <mailto:PLUG-discuss at lists.phxlinux.org>
>>             > To subscribe, unsubscribe, or to change your mail settings:
>>             > https://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>
>>             --
>>             Donald "Mac" McCarthy
>>             Director, Field Operations
>>             Open Source Context
>>             +1.602.584.4445
>>             mac at oscontext.com <mailto:mac at oscontext.com>
>>             https://oscontext.com
>>             -------------- next part --------------
>>             An HTML attachment was scrubbed...
>>             URL:
>>             <http://lists.phxlinux.org/pipermail/plug-discuss/attachments/20200502/aeab14b4/attachment-0001.html>
>>
>>             ------------------------------
>>
>>             Subject: Digest Footer
>>
>>             _______________________________________________
>>             PLUG-discuss mailing list -
>>             PLUG-discuss at lists.phxlinux.org
>>             <mailto:PLUG-discuss at lists.phxlinux.org>
>>             To subscribe, unsubscribe, or to change your mail settings:
>>             https://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>
>>
>>             ------------------------------
>>
>>             End of PLUG-discuss Digest, Vol 179, Issue 2
>>             ********************************************
>
>
>             ---------------------------------------------------
>             PLUG-discuss mailing list -
>             PLUG-discuss at lists.phxlinux.org
>             <mailto:PLUG-discuss at lists.phxlinux.org>
>             To subscribe, unsubscribe, or to change your mail settings:
>             https://lists.phxlinux.org/mailman/listinfo/plug-discuss
>
>         ---------------------------------------------------
>         PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>         <mailto:PLUG-discuss at lists.phxlinux.org>
>         To subscribe, unsubscribe, or to change your mail settings:
>         https://lists.phxlinux.org/mailman/listinfo/plug-discuss
>
>     ---------------------------------------------------
>     PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>     <mailto:PLUG-discuss at lists.phxlinux.org>
>     To subscribe, unsubscribe, or to change your mail settings:
>     https://lists.phxlinux.org/mailman/listinfo/plug-discuss
>
>
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
> To subscribe, unsubscribe, or to change your mail settings:
> https://lists.phxlinux.org/mailman/listinfo/plug-discuss

-- 
Donald "Mac" McCarthy
Director, Field Operations
Open Source Context
+1.602.584.4445
mac at oscontext.com
https://oscontext.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.phxlinux.org/pipermail/plug-discuss/attachments/20200504/ccc00fb4/attachment.html>

More information about the PLUG-discuss mailing list