Looking for router advice before moving to AT&T fiber

Kev

Active Member
Feb 16, 2015
Oh, I never tried because the instructions said to downgrade to 1.5.12, so I thought the shell was only available in that firmware. Good to know now, but I succeeded and got the certs out.
 

Kev

Active Member
Feb 16, 2015
Okay, so I was all gung-ho on bypassing the RG and handling everything via pfSense, but in my network I'm running ESXi and have multiple firewalls (pfSense, OPNsense) all getting their own public IP address, so I decided to abandon this project. I now have one fully extracted cert package from a BGW210, and if anyone is looking to jump into this, PM me and I can sell this one cert to someone.

I also have a NVG589 that is waiting for the flash to be desoldered and dumped. I really got ahead of myself on this one!

EDIT: I was able to root the NVG589 as well. Two sets of certs up for sale.
 

Gene

Active Member
Jan 27, 2016
So I have my certs. I was able to desolder and pull the required files from the NVG589 chip. Once I get a window for downtime I'll switch to supplicant mode in pfSense. I'll get the certs off the BGW210 when I get a chance too.
 

Kev

Active Member
Feb 16, 2015
Well, I spun up a new pfSense instance on my ESXi to try the wpa_supplicant method, but it didn't work out. Here are the steps I took.

1) vmxnet interfaces are not detected by ngctl; use E1000
2) Created a new vSwitch with uplink to the dedicated Ethernet port, set security to allow all three
3) Created a port group with VLAN 0, set security to allow all three
4) Assigned this port group to the em0 interface in pfSense
5) Set up the scripts in pfSense and ran them
6) Only see EAP START, Len 0 in tcpdump on ngeth0 and nothing else

At this point I'm stuck. Any help?
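A capture that shows only EAPOL-Start frames with a zero-length body, and nothing coming back, is what a supplicant looks like when it is transmitting but nothing on the far side of the link is answering 802.1X. The script below is an added example, not code from this thread or from the pfSense/netgraph scripts it refers to: it parses raw Ethernet frames the way a tcpdump filter on EtherType 0x888e would present them and reduces a capture to one diagnosis. The MAC addresses and the sample captures are constructed here so it runs offline; the PAE group address 01:80:c2:00:00:03 is the real destination 802.1X supplicants use.

```python
"""Classify EAPOL frames from a supplicant-side capture and say how far the
802.1X exchange got.  Added example (not code from the thread); the frames
below are constructed by hand so the script runs offline."""
import struct

PAE_GROUP_MAC = bytes.fromhex("0180c2000003")   # real 802.1X PAE group address
ETHERTYPE_EAPOL = 0x888E
EAPOL_TYPES = {0: "EAP-Packet", 1: "EAPOL-Start", 2: "EAPOL-Logoff", 3: "EAPOL-Key"}
EAP_CODES = {1: "Request", 2: "Response", 3: "Success", 4: "Failure"}


def parse_eapol(frame: bytes):
    """Return a dict describing one EAPOL frame, or None if it is not EAPOL."""
    if len(frame) < 18:
        return None
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != ETHERTYPE_EAPOL:
        return None
    version, ptype, length = struct.unpack("!BBH", frame[14:18])
    info = {"dst": frame[0:6].hex(":"), "src": frame[6:12].hex(":"),
            "version": version, "type": EAPOL_TYPES.get(ptype, "unknown"), "len": length}
    body = frame[18:18 + length]
    if ptype == 0 and len(body) >= 4:            # an EAP packet carried inside EAPOL
        code, ident, _eap_len = struct.unpack("!BBH", body[:4])
        info["eap_code"] = EAP_CODES.get(code, "unknown")
        info["eap_id"] = ident
        if code in (1, 2) and len(body) >= 5:
            info["eap_type"] = body[4]           # 1 = Identity, 13 = EAP-TLS
    return info


def diagnose(frames):
    """Summarise a list of raw frames as one diagnostic string."""
    parsed = [p for p in map(parse_eapol, frames) if p]
    codes = [p.get("eap_code") for p in parsed]
    if not parsed:
        return "no EAPOL frames: wrong interface or capture filter"
    if "Success" in codes:
        return "authenticated: EAP-Success received"
    if "Failure" in codes:
        return "rejected: EAP-Failure received, check the certs"
    if "Request" in codes and "Response" not in codes:
        return "authenticator sent EAP-Request but the supplicant never answered"
    if "Request" not in codes:
        return "only supplicant traffic (EAPOL-Start): nothing upstream is answering 802.1X"
    return "exchange in progress"


# Frame builders, used only to construct the sample captures below.
def eapol_start(src):
    return PAE_GROUP_MAC + src + struct.pack("!HBBH", ETHERTYPE_EAPOL, 1, 1, 0)


def eap_packet(dst, src, code, ident, eap_type=None):
    body = struct.pack("!BBH", code, ident, 4 + (eap_type is not None))
    if eap_type is not None:
        body += bytes([eap_type])
    return dst + src + struct.pack("!HBBH", ETHERTYPE_EAPOL, 1, 0, len(body)) + body


SUPPLICANT = bytes.fromhex("001122334455")      # made-up MACs
AUTHENTICATOR = bytes.fromhex("66778899aabb")

ONLY_START = [eapol_start(SUPPLICANT)]                          # the "EAP START, Len 0" case
FULL = [eapol_start(SUPPLICANT),
        eap_packet(SUPPLICANT, AUTHENTICATOR, 1, 1, 1),        # Request/Identity, unicast back
        eap_packet(PAE_GROUP_MAC, SUPPLICANT, 2, 1, 1),        # Response/Identity
        eap_packet(SUPPLICANT, AUTHENTICATOR, 3, 1)]           # Success

if __name__ == "__main__":
    for name, cap in (("only_start", ONLY_START), ("full", FULL)):
        print(f"{name:10} -> {diagnose(cap)}")
```

To feed it a real capture, record with `tcpdump -i ngeth0 -w eapol.pcap 'ether proto 0x888e'` (interface name as in the post) and hand each frame's bytes from any pcap reader to `diagnose()`; the pcap reader is not part of this example. Note that the authenticator's EAP-Request comes back unicast to the supplicant's MAC, not to the PAE group address, so a capture filter on the destination MAC alone would miss the half of the exchange you most want to see.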
 

mb300sd

Active Member
Aug 1, 2016
You need to do PCIe passthrough on the Ethernet card. The vSwitch won't pass EAPOL packets.
 

marcoi

Well-Known Member
Apr 6, 2013
Gotha Florida
I added a 4-port NIC to my server to run pfSense with wpa_supplicant. It's been working fine since I got it cut over. Still working on block IP, but I haven't had time to really mess with pfSense.
 

Kev

Active Member
Feb 16, 2015
> You need to do PCIe passthrough on the Ethernet card. The vSwitch won't pass EAPOL packets.

Oh shucks, that means I can't vMotion my pfSense instance. Guess it's just for messing around then!
 

das1996

New Member
Sep 4, 2018
> You need to do PCIe passthrough on the Ethernet card. The vSwitch won't pass EAPOL packets.

I remember reading a post on DSLR where this scenario did indeed work. It had to do with configuring the vNIC correctly. See this post: Re: PFSense RG Bypass with High Availability - AT&T U-verse | DSLReports Forums

Also, the same user has a working method for Sophos UTM: ATT Fiber, Sophos UTM full gateway BYPASS SUCCESS!! - AT&T U-verse | DSLReports Forums. The thread is a bit fragmented, so follow the first 3 links of the first post. IPv6 works too!

I've tested both the pfSense (under ESXi with vNIC) and Sophos UTM methods here with working results.

Note: I also have an unused, tested cert available from a spare NVG. Private message for details.
 

das1996

New Member
Sep 4, 2018
> Well, I spun up a new pfSense instance on my ESXi to try the wpa_supplicant method, but it didn't work out. Here are the steps I took.
>
> 1) vmxnet interfaces are not detected by ngctl; use E1000
> 2) Created a new vSwitch with uplink to the dedicated Ethernet port, set security to allow all three
> 3) Created a port group with VLAN 0, set security to allow all three
> 4) Assigned this port group to the em0 interface in pfSense
> 5) Set up the scripts in pfSense and ran them
> 6) Only see EAP START, Len 0 in tcpdump on ngeth0 and nothing else
>
> At this point I'm stuck. Any help?

I just checked mine. VLAN ID is set to 4095 for the WAN port group (along with all security options enabled). 4095 in ESXi indicates passing of all VLAN IDs.
 

Kev

Active Member
Feb 16, 2015
> I just checked mine. VLAN ID is set to 4095 for the WAN port group (along with all security options enabled). 4095 in ESXi indicates passing of all VLAN IDs.

Did you find that you needed E1000 NIC types for netgraph to recognize the virtual adapter?
 

das1996

New Member
Sep 4, 2018
I tried the netgraph/pfSense method some time ago but don't recall being successful using ESXi. I ultimately reverted to the dumb switch method until earlier this year. The certs method became more attainable for a novice. I've been using it for a few months now (with UTM).

pfSense/certs under ESXi is set to E1000. I can't remember if I tried vmxnet3 or not. Mainly the goal was to see if it actually worked and then try to implement it under UTM.
 

Gene

Active Member
Jan 27, 2016
Could someone send me the valid .der certs for an NVG589? I put them together manually in plain text from a file I found online. However, I can't get the EAP process to authorize, and I'm thinking it may be those .der cert files. The mfg.dat file was pulled directly from the BIOS chip.

Unless someone knows how to get the .der files from the chip BIOS, which I wasn't able to find anything about.

I couldn't get the TTL to work on the BGW210. It was just garbled text. I think I may have sent 5V instead of 3.3V at first and zapped something, sigh. It still works fine, but there's no way for me to get the EAP off it now.
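When certificate files have been assembled by hand from something found online, the first thing to rule out before blaming the EAP exchange is whether they are DER at all: a PEM block, a hex dump typed out as text, a byte dropped at the end or a stray newline appended will all be rejected by a supplicant without a useful error. The script below is an added example, not code from this thread or from any of the bypass tools it mentions. It checks that a blob starts with an ASN.1 SEQUENCE whose encoded length covers the file exactly, converts PEM or hex text back to DER when that is what the file actually contains, and gives a hint whether the outer structure looks like an X.509 certificate or a private key. The sample blobs are constructed minimal ASN.1, not real gateway certificates.

```python
"""Sanity-check a .der (or PEM / hex-text) certificate or key file before
blaming the EAP exchange.  Added example, not code from the thread; the
sample blobs are constructed minimal ASN.1, not real certificates."""
import base64
import re

PEM_RE = re.compile(rb"-----BEGIN ([A-Z ]+)-----\s*(.*?)\s*-----END \1-----", re.S)
HEX_ALPHABET = b"0123456789abcdefABCDEF \t\r\n"


def der_length(buf: bytes, offset: int):
    """Decode the DER length field at buf[offset]; return (length, field_size)."""
    first = buf[offset]
    if first < 0x80:                      # short form
        return first, 1
    n = first & 0x7F                      # long form: n following bytes hold the length
    if n == 0 or n > 4 or offset + 1 + n > len(buf):
        raise ValueError("indefinite or oversized length field: not DER")
    return int.from_bytes(buf[offset + 1:offset + 1 + n], "big"), 1 + n


def check_der(blob: bytes):
    """Return (ok, hint). ok means: one SEQUENCE whose length covers the file exactly."""
    if len(blob) < 2:
        return False, "too short to be DER"
    if blob[0] != 0x30:
        kind = "text (hex dump or PEM?)" if 0x20 <= blob[0] < 0x7F else "binary"
        return False, f"first byte 0x{blob[0]:02x} is not SEQUENCE (0x30): {kind}"
    try:
        length, hdr = der_length(blob, 1)
    except ValueError as exc:
        return False, str(exc)
    total = 1 + hdr + length
    if total > len(blob):
        return False, f"truncated: header says {total} bytes, file has {len(blob)}"
    if total < len(blob):
        return False, f"{len(blob) - total} trailing byte(s) after the outer SEQUENCE"
    if length == 0:
        return False, "empty SEQUENCE"
    # First tag inside the outer SEQUENCE: 0x30 (tbsCertificate) for X.509,
    # 0x02 (version INTEGER) for PKCS#1 / PKCS#8 private keys.
    inner = blob[1 + hdr]
    hint = {0x30: "certificate-like", 0x02: "private-key-like"}.get(inner, f"inner tag 0x{inner:02x}")
    return True, hint


def inspect_blob(blob: bytes) -> dict:
    """Classify file contents as DER, PEM or hex text (both converted to DER), or unknown."""
    m = PEM_RE.search(blob)
    if m:
        der = base64.b64decode(b"".join(m.group(2).split()))
        ok, hint = check_der(der)
        return {"format": "pem", "label": m.group(1).decode(), "der_ok": ok, "hint": hint, "der": der}
    ok, hint = check_der(blob)
    if ok:
        return {"format": "der", "der_ok": True, "hint": hint, "der": blob}
    text = blob.strip()
    if text and all(c in HEX_ALPHABET for c in text):      # bytes typed out as hex
        der = bytes.fromhex(text.decode())
        ok, hint = check_der(der)
        return {"format": "hex", "der_ok": ok, "hint": hint, "der": der}
    return {"format": "unknown", "der_ok": False, "hint": hint, "der": blob}


# Constructed samples: SEQUENCE { SEQUENCE { INTEGER 1 } } is 7 bytes of DER.
SAMPLE_DER = bytes.fromhex("30053003020101")
SAMPLE_PEM = (b"-----BEGIN CERTIFICATE-----\n" + base64.b64encode(SAMPLE_DER)
              + b"\n-----END CERTIFICATE-----\n")
SAMPLE_HEXDUMP = b"30 05 30 03 02 01 01\n"     # the same bytes saved as text by mistake

if __name__ == "__main__":
    for name, blob in (("der", SAMPLE_DER), ("pem", SAMPLE_PEM), ("hexdump", SAMPLE_HEXDUMP),
                       ("truncated", SAMPLE_DER[:-1]), ("trailing", SAMPLE_DER + b"\n")):
        r = inspect_blob(blob)
        print(f"{name:10} {r['format']:8} ok={r['der_ok']!s:5} {r['hint']}")
```

Once both files pass this check, the next thing to confirm is that the key actually belongs to the certificate; with assumed filenames, `openssl x509 -inform DER -in client.der -noout -pubkey` and `openssl pkey -inform DER -in client.key.der -pubout` must print the same public key (`openssl pkey` handles RSA and EC keys alike). A mismatch there, or a certificate whose subject is not the gateway's, will fail EAP-TLS just as silently as a malformed file.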
 

Kev

Active Member
Feb 16, 2015
> Could someone send me the valid .der certs for an NVG589? I put them together manually in plain text from a file I found online. However, I can't get the EAP process to authorize, and I'm thinking it may be those .der cert files. The mfg.dat file was pulled directly from the BIOS chip.
>
> Unless someone knows how to get the .der files from the chip BIOS, which I wasn't able to find anything about.
>
> I couldn't get the TTL to work on the BGW210. It was just garbled text. I think I may have sent 5V instead of 3.3V at first and zapped something, sigh. It still works fine, but there's no way for me to get the EAP off it now.

Send me a PM and I'll send you mine.
 

mb300sd

Active Member
Aug 1, 2016
Garbled text sounds like a baud rate mismatch. I think mine was 9600. 5V/3.3V might burn out the Rx side, but shouldn't affect the Tx, so you wouldn't get garbled text.
 

Gene

Active Member
Jan 27, 2016
> Garbled text sounds like a baud rate mismatch. I think mine was 9600. 5V/3.3V might burn out the Rx side, but shouldn't affect the Tx, so you wouldn't get garbled text.

Yeah, I used the 9600 default with PuTTY, so not sure what the issue was.
 