PfSense + ubiquity

Michael Butash michael at butash.net
Mon May 4 11:03:12 MST 2020 

Cox modems *are* bridges first and foremost typically, unless you get a
bundled router/modem, which is only what CenturyLink sells.  If you got a
"router/modem" combo, just buy a modem-only device for a dumb bridge and
simple ethernet for a public ip.  I recommend staying with an arris cable
modem, originally motorola, they basically developed cable modem docsis,
and are always the best.

I moved from Cox to CL when Cox started adding a usage cap, and that was
new to me to get my Fortinet firewall online with CL and their DSL doing
PPPOE.  I've seen the router/cable modem combo boxes later, but never owned
one as I always have my own router/firewall.

-mb


On Mon, May 4, 2020 at 8:36 AM Donald Mac McCarthy <mac at oscontext.com>
wrote:

> Will Cox allow for a bridge/virtual bridge mode? Xfinity does, which
> allows you to put in a firewall, and use the modem only as a gateway,
> therefore preventing a double NAT situation. Never lived in a Cox area
> before, and currently ride CL fiber.
>
> Mac
>
> Michael Butash via PLUG-discuss wrote on 5/3/20 2:00 PM:
>
> Cox modems will learn and allow only 1 mac at a time (unless business is
> set to allow more, but not on residential).  If switching out firewalls, I
> 99% of time reboot the modem first and foremost.
>
> -mb
>
> On Sun, May 3, 2020 at 12:08 PM Snyder, Alexander J via PLUG-discuss <
> plug-discuss at lists.phxlinux.org> wrote:
>
>> I got it working.
>>
>> I assigned the SFP+ port as my LAN and assigned it the 10.x.x.x/16
>> network. Then I had to call COX and list the WAN Mac address with them.
>> Upon doing so I was able to reach external sites, and all downstream
>> devices started coming alive!
>>
>> Thanks for all the suggestions and help!
>>
>> Thanks,
>> Alexander
>>
>> Sent from my Galaxy S10+
>>
>> On Sun, May 3, 2020, 03:14 Herminio Hernandez, Jr. via PLUG-discuss <
>> plug-discuss at lists.phxlinux.org> wrote:
>>
>>> Can you  login to the FW via the LAN interface? Can you  ping the FW LAN
>>> interface? Check the routing and NAT policy on the FW. All outbound traffic
>>> should NAT to the FW WAN interface and there should be a default (
>>> 0.0.0.0/0) route to the internet.
>>>
>>> On Sat, May 2, 2020 at 7:27 PM Seabass via PLUG-discuss <
>>> plug-discuss at lists.phxlinux.org> wrote:
>>>
>>>> I'm with Mac, I think it is not the firewall, but if you have the
>>>> ability to plug it into a display with a keyboard, you can use that for
>>>> configuration and modify a different device at the same time.
>>>>
>>>> Makes it easier to troubleshoot by giving you the ability to configure
>>>> your pfSense ports at the same time.
>>>>
>>>>
>>>>
>>>> Message: 2
>>>> Date: Sat, 2 May 2020 09:04:35 -0700
>>>> From: Donald Mac McCarthy <mac at oscontext.com>
>>>> To: "Snyder, Alexander J via PLUG-discuss"
>>>> <plug-discuss at lists.phxlinux.org>
>>>> Subject: Re: pfSense + Ubiquity
>>>> Message-ID: <18adfa38-3e72-7b0a-e31a-1ddf175d717f at oscontext.com>
>>>> Content-Type: text/plain; charset="utf-8"
>>>>
>>>> I can help - but I am unavailable to do so until tomorrow.
>>>>
>>>> Make sure there are not any thing other than default VLANs on the
>>>> interfaces to start with. Ubiquiti is famous for not havinght eSFP+
>>>> ports active in the default configuration, and I believe the switch has
>>>> all the ports to shutdown on default config as well.
>>>>
>>>> I think it is the switch not passing traffic through - no the firewall.
>>>>
>>>> Mac
>>>> Snyder, Alexander J via PLUG-discuss wrote on 5/2/20 8:53 AM:
>>>> > Does anyone out there have experience with pfSence and Ubiquity
>>>> switches?
>>>> >
>>>> > I have zero with either but that didn't stop me from buying both ....
>>>> > how hard could it be?! LOL.
>>>> >
>>>> > I bought a Negate XG-1537-1U. I bought a Unifi Pro 24 PoE switch.
>>>> >
>>>> > I can configure the FW immediately after
>>>> > firstboot/restore-default-configs, but only if i set the LAN interface
>>>> > to be the cable that goes directly to my laptop. That's great, but
>>>> > that does shit for the downstream switch.
>>>> >
>>>> > I have a 10GB SFP+ Port that I want to configure as the downstream
>>>> > port to ubiquity, but any configuration other than mentioned above
>>>> > fails .... and I'm now on my 12th "Reset To Factory Defaults" ... any
>>>> > help on this would be greatly appreciated!
>>>> >
>>>> > Thanks,
>>>> > Alexander
>>>> >
>>>> > Sent from my Galaxy S10+
>>>> >
>>>> >
>>>> > ---------------------------------------------------
>>>> > PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>>>> > To subscribe, unsubscribe, or to change your mail settings:
>>>> > https://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>>>
>>>> --
>>>> Donald "Mac" McCarthy
>>>> Director, Field Operations
>>>> Open Source Context
>>>> +1.602.584.4445
>>>> mac at oscontext.com
>>>> https://oscontext.com
>>>> -------------- next part --------------
>>>> An HTML attachment was scrubbed...
>>>> URL: <
>>>> http://lists.phxlinux.org/pipermail/plug-discuss/attachments/20200502/aeab14b4/attachment-0001.html
>>>> >
>>>>
>>>> ------------------------------
>>>>
>>>> Subject: Digest Footer
>>>>
>>>> _______________________________________________
>>>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>>>> To subscribe, unsubscribe, or to change your mail settings:
>>>> https://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>>>
>>>>
>>>> ------------------------------
>>>>
>>>> End of PLUG-discuss Digest, Vol 179, Issue 2
>>>> ********************************************
>>>>
>>>>
>>>>
>>>> ---------------------------------------------------
>>>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>>>> To subscribe, unsubscribe, or to change your mail settings:
>>>> https://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>>
>>> ---------------------------------------------------
>>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>>> To subscribe, unsubscribe, or to change your mail settings:
>>> https://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>
>> ---------------------------------------------------
>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>> To subscribe, unsubscribe, or to change your mail settings:
>> https://lists.phxlinux.org/mailman/listinfo/plug-discuss
>
>
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
> To subscribe, unsubscribe, or to change your mail settings:https://lists.phxlinux.org/mailman/listinfo/plug-discuss
>
>
> --
> Donald "Mac" McCarthy
> Director, Field Operations
> Open Source Context
> +1.602.584.4445
> mac at oscontext.com
> https://oscontext.com
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.phxlinux.org/pipermail/plug-discuss/attachments/20200504/70cddbfc/attachment.html>

More information about the PLUG-discuss mailing list