Setup WAN and remove my isp box

loopingz · October 22, 2020, 11:32am

Hello,

I want to connect Turris as my main box and remove my provider box.
I have done all the homework to find the hidden value that I needed , username and password were sniffed too.
Then I have been following a post in Cz but currently it still does not work.
It looks like this:

loopingz · October 22, 2020, 11:33am

VLAN page1

loopingz · October 22, 2020, 11:34am

page2

loopingz · October 22, 2020, 11:36am

page3 physical settings eth2.80
page4 firewall.

Sorry for multiposting but I am forced to.

loopingz · October 22, 2020, 11:49am

And my WAN page, I tried to regroup as much as possible.

ssdnvv · October 22, 2020, 12:59pm

Just combine these two interfaces (the pppoe-one and WAN) and it should work - why did you divide them?
Regarding your homework - VLAN-ID 80 is correct for your ISP?

loopingz · October 22, 2020, 1:21pm

I did it this way because I tried to follow this post (but i am following in a foggy night…)

At first I did only one (but with wrong login pw), and I did not know how to set VLAN either.
VLAN settings was in clear in the hidden menu of ISP router, so I think I am fine. I tried to confirm in the sniffing capture but I did not find it.

ssdnvv · October 22, 2020, 3:46pm

Can’t tell why they chose two interfaces in one firewall zone - because when bridging them anyways you can also just create one single interface.
Just try and remove the pppoe-interface and enter the VLAN and credentials directly to your WAN.

loopingz · October 22, 2020, 4:46pm

I have tried to simplify. It did not connect anyway. Is there a basic mistake somewhere?

ssdnvv · October 22, 2020, 10:39pm

Try deleting the terminator-pppoe interface and (much more important!) move WAN interface to WAN firewall zone
ps: doing that stuff is much more easy via ssh (if you are familiar to this, please show the output of “vi /etc/config/network”).

loopingz · October 23, 2020, 9:20am

I have been starting ssh… this week and my understanding is poor. But I can run your commands…

config interface ‘loopback’
option ifname ‘lo’
option proto ‘static’
option ipaddr ‘127.0.0.1’
option netmask ‘255.0.0.0’

config globals ‘globals’
option ula_prefix ‘fd31:2656:ec9e::/48’

config interface ‘wan’
option proto ‘pppoe’
option force_link ‘1’
option ifname ‘eth1.80’
option username ‘LWF1097052581@lowi’
option password ‘XXXXXXXX’
option ipv6 ‘auto’
option mtu ‘1492’

config interface ‘lan’
option type ‘bridge’
option proto ‘static’
option netmask ‘255.255.255.0’
option _turris_mode ‘managed’
option ip6assign ‘60’
option bridge_empty ‘1’
option ipaddr ‘192.168.1.101’
list ifname ‘lan1’
list ifname ‘lan2’
list ifname ‘lan3’
list ifname ‘lan4’

config interface ‘guest_turris’
option enabled ‘1’
“/etc/config/network” 40L, 870C 1,0-1 Top

What would do you mean here?

Is the 1 of eth1.80 has some meaning or not? I have set that arbitrarily…

ssdnvv · October 23, 2020, 2:23pm

Yes, it definitely has
But it depends on your TurrisOS version. With TOS v5.x and later it has to be eth2.80, not eth1.80. Please do a
cat /etc/turris-version
via ssh to see what version you are using to be sure.
As a short explanation: eth0, eth1 and eth2 represent the physical ethernet interfaces on your TO. To create a VLAN on an interface, you append a “.[VLAN-ID]” to the respective physical interface.

For the firewall: assign interface WAN to the firewall zone WAN.

loopingz · October 23, 2020, 2:54pm

BusyBox v1.28.4 () built-in shell (ash)

  ______                _         ____  _____
 /_  __/_  ____________(_)____   / __ \/ ___/
  / / / / / / ___/ ___/ / ___/  / / / /\__
 / / / /_/ / /  / /  / (__  )  / /_/ /___/ /
/_/  \__,_/_/  /_/  /_/____/   \____//____/

TurrisOS 4.0-beta1, 0663455801

root@turris:~# cat /etc/turris-version
4.0
root@turris:~#

Edit: Firewall to wan

Then I have tried eth2.80 and eth0.80 (and eth1.80). Some reboots. It is strange like one blink max to the wan port, is it even trying? I have also done a reboot to the “pon”.
If my VLAN is wrong (but damn it was in the super hidden settings), is there some kind of script to check vlan like 0 to 100?

I am feeling that there is only one more hiccup to fix…

viktor · October 23, 2020, 9:33pm

Try update to TOS 5.

ssdnvv · October 24, 2020, 6:20am

Yes, please update to latest TurrisOS version.
To do that run
pkgupdate
from ssh. Unfortunately I cannot help with the VLAN-ID, because that is completely up to your ISP (but one ISP will normally only use a single ID) and there’s no automatic way of trying that.
Maybe reset everything and start from scratch (but this time I’d clearly recommend only using ssh to change the values), it’s normally very small things one misses.

loopingz · October 24, 2020, 9:19am

Well I am trying to update since the begining:

The good part is that I am starting to better understand the ssh and other things but I am still extremely weak.
The auto update is failing to download and it gets me crazy as the url is perfectly fine. May be it is trying to download through wan??? Why doesnt it work from the lan port?
And so far no luck as to force an offline update.

loopingz · October 25, 2020, 8:54am

Well I have found something interesting. After an hard reset and offline my isp box shows vlan80. But in normal use with sniffed admin password it is vlan100. So be it!
Eth0.100 get my WAN to connect! Hurray! I can ping 8.8.8.8 but I can’t ping google so I guess I have at least a DNS issue.

Edit: writing through the turris router! Success

Comodore125 · October 25, 2020, 2:01pm

Congrats and good job. What is the maximal speed of terminator? 250mbit with VDSL?

loopingz · October 25, 2020, 2:39pm

Well in the end nothing much in common with the terminator setup. I have a fiber contract of symmetric 100mb. And I am doing 120/120mb before and after. I have heard that the upload might jump (to 600) but it didn’t. I have tidied up the hardware setup, it is looking better but still not the best place for the wifi spot. But that’s a good feeling anyway having it the way I wanted.