So everything had worked fine since Feb, (except I never got openvpn working) until my ISP died last Tuesday. Constant rebooting of the BT adsl router (in bridge/modem mode) and the Alix box brought no joy. In the frantic attempts to fix something I screwed up the pfSesne install, mainly when I started removing/moving interfaces.
NB! changing LAN IF will remove things like the static reserved IP info! Should have done a backup!
Desparately tried to get the ‘ WLG-1500SMA WLAN 11G USB ‘ adpaptor to work as a 2nd WAN IF (driver = zyd0), did eventually, (by using setting ‘BSS (infrastructure)’ not AP as for the built in ath0 IF) – only connected to the phone when no wifi security! However it seemed quite flakey and would keep falling over after maybe 30min.
The ‘fix’ for the TalkTalk adsl involved having one of their routers. Couldn’t ask why as I was not around when the guy called. So I’m now using this as my WAN eth IF. This uses DHCP on vr0 of pfSense to talktalk rtr.
Rebuilding the IPsec:
All looked ok for IPSec and initially said interface was up, but I sooned managed to make that dissapear! Main problem with above setup was the talktalk router being in front of pfSense and routing/NAT issues for IPSec traffic (known to be complex).
Reinstating the BT Voyager 190 router in bridge mode:
I soon tried to ditch the talktalk router to simplify the ipsec issue but could never get a WAN IF up when set to pppoe as I used to do. Think what happened is that in panic of above I reset the 190 to default firmware (the preinstalled AOL, on: 192.168.1.1). This was never gonna work. Reinstalled the Dynalink 3.29a f/w changed ip to 192.168.0.1 and found the bridge mode settings (did I ever find them before?), buried in sub-menus on the adsl connection ‘write’ icon. ensure change set 0/38 and vc-mux (not defaults?). Change WAN IF from dhcp to pppoe (why not pppoa?) and immediately ISP IP/DNS becomes the WAN IP info. Hoping IPsec can now be re-estblished as it was before?… Yes it can, when I made the settings match TC…