I recently switched my second internet connection to Airtel from Spectra because Airtel was offering a good deal in conjunction with my postpaid phone plan, and I thought it would be good to have my public services on two connections (Spectra uses CGNAT). After many weeks of trying to get Airtel support to acknowledge my request to activate bridge mode and a static IP, I finally have it running properly with the Airtel router in bridge mode and my OPNSense router making the PPPoE connection. However, I'm having a weird problem. On ACT, my static IP is automatically assigned by their PPPoE server. Based on my knowledge, that's the standard mode of operation for PPPoE connections. However, the Airtel technicians insist that I have to configure the static IP they've assigned to me on my end and that they cannot bind the static IP to my PPPoE credentials. I've tried and failed to configure the static IP in the PPPoE settings on OPNSense. What I am considering now is that perhaps I need to passthrough the VLANs from the Airtel router and configure the internet and voice VLANs on my OPNSense router and then I'll be able to apply the static IP settings. I'm wondering if anyone has a similar configuration or has faced a similar problem? Would appreciate any help.
enthusiast29
Skilled
If the router is in bridge mode then I believe only the WAN connection is disabled and one of the LAN port is in bridge mode.
The Voice VLAN stays on the airtel router as-is. No changes there.
On OPNsense side you need to get off PPPoE and configure static IP instead. Enter the details such as the static IP, Gateway, subnet mask etc. to make a connection. You can look these up in your airtel router WAN settings I suppose.
The Voice VLAN stays on the airtel router as-is. No changes there.
On OPNsense side you need to get off PPPoE and configure static IP instead. Enter the details such as the static IP, Gateway, subnet mask etc. to make a connection. You can look these up in your airtel router WAN settings I suppose.
Bridge mode is configured for media conversion from fibre (I think it's an SC connector? Didn't look too closely) to ethernet on a port as you said.
The Voice VLAN is currently configured on the Airtel router, but I'm planning to move it to a FreePBX VM running on my server eventually as that seems like fun. That's a project for another day though.
I'm not sure how to 'get off PPPoE' though. Some device in the chain between Airtel and my LAN has to make a PPPoE connection, right? If that's not their ONT-cum-router and not my router, then where does that happen? Or is their network essentially unsecured?
The Voice VLAN is currently configured on the Airtel router, but I'm planning to move it to a FreePBX VM running on my server eventually as that seems like fun. That's a project for another day though.
I'm not sure how to 'get off PPPoE' though. Some device in the chain between Airtel and my LAN has to make a PPPoE connection, right? If that's not their ONT-cum-router and not my router, then where does that happen? Or is their network essentially unsecured?
enthusiast29
Skilled
No, PPPoE connection is not required when you have static IP allocated.
@napstersquest might be able to help since I think he has static IP configured.
@napstersquest might be able to help since I think he has static IP configured.
To bind a static IP to your PPPoE credentials, you will need to configure your OPNSense router with the static IP as the PPPoE client's IP address. This can typically be done in the router's network settings or WAN configuration page. You should also have to configure your router to authenticate with your PPPoE username and password. This information is usually provided by your internet service provider. Once you have done that, you should be able to establish a PPPoE connection using your static IP. Please note that the steps may vary depending on the router model and firmware you are using.
superczar
Skilled
Airtel does not disable your regular pppoe which is why you are still able to connect via pppoe
Airtel assigns you a static IP on a specific VLAN segment (typically 100) and that does not require any pppoe authentication
That part is all you need to configure
In short, Note down your static IP from Airtel CPE (as well as VLAN, subnet mask and gateway IP)
set Airtel CPE to bridge mode to bridge your incoming fiber line to the LAN port of CPE.. which is in turn connected to WAN of your opnsense router
COnfigure Opnsense WAN to static IP with the IP, subnet mask, gateway and VLAN details you noted down in step 1
Thats it
If you have static IP, your router (one connected to bridged LAN port on the Airtel box) has to be configured with the static IP, gateway and DNS provided by ISP.
If you don't, the same router (yours) will need to be configured with the PPPoE settings.
If you don't, the same router (yours) will need to be configured with the PPPoE settings.
Thanks for the info! I have all the requisite information so I should be able to configure that in minutes once I get home. That's great to know.
Out of curiosity, does anyone know how that works on the ISP's end? I mean in terms of security. What prevents any user from setting a valid IP from the IP ranges Airtel owns in their CPE? Of course they would see that very quickly and be able to stop it, but I had assumed that even with an assigned static IP there would be some sort of security measures on the CPE end to ensure a particular IP can only be bound on the connection it is associated with.
Thanks everyone, took a little configuration (I forgot I had to specifically add upstream gateways in OPNSense) but this worked a charm. I took the opportunity to move the VLANs from Airtel's router to my own, and the Voice VLAN is also working, which is great.
Last edited: