Hi,
I was trying to setup OPNSense with My ATT BGW320-500, and had a few questions.
Configuration Questions:
- Dupuis.xyz - this link has a FW for an older version for BGW210-700, can I use it for my BGW320-500?
- Prerequisites mentions that I need to figure out
ONT_IF
,EAP_IDENTITY
, andRG_ETHER
, how does one do that?
Setup questions:
- Do I need the Ethernet from
ONT
cable to myWAN
port on OPNSense box? - Step 5 in the prerequisites document asks to test, but my box doesn’t have
bash
or any internet access (to install bash)? How do I do that?
Thanks.
EDIT: I’m using Fiber.
What firmware is your BGW320 currently on? There’s a method for newish firmwares that should work on the 320, and are confirmed working for the BGW210.
No easily accessible guide for it yet, but for OPNSense and PFSense themselves, there’s a simpler bypass available now. It still requires certificates. PFSense has an auth bridge mode that does not require certificates, but requires 3 interfaces and for your modem to still be plugged in.
You will need to connect the ONT ethernet directly to the WAN port for a bypass to work.
Software Version 4.23.4
, Imma give it a try, I’m on the same version as the repo. Fingers crossed :) Thank you for helping.No problem! Let me know how it goes.
I have the same Residental Gateway. Using pfSense+ on my end. The BGW320-500 is fiber capable. I assume you’re using fiber? If so you cannot hook it into ONT because the RG is the ONT. In my case I get raw fiber into a PON module that hooks into the RG. Best you can do in this case is set the RG to “passthrough mode” via web UI (192.168.1.254).
If you have a different setup that is not fiber maybe you’ll have more luck with a bypass, but I think you will need the RG regardless for auth: https://docs.netgate.com/pfsense/en/latest/recipes/authbridge.html
Just to understand, does that create a DoubleNAT? Do you happen to know what is your latency (ping time)? Thanks a ton.
There is no double nat. Passthrough mode has worked as expected for me. The one issue I have is that the RG will maintain firewall states, so it limits you to the RG hardware for those states. I have a pretty large home network though, tons of devices, IoT, etc, and it has been stable.
Latency seems decent. I have an AT&T fiber 2gb symmetrical connection and a ping to google from my Netgate pfSense machine is around 10-15ms.
deleted by creator