Openwrt to Passthrough the public ip received by pppoe

hello,
i want my openwrt to passthrough the pppoe ip to a watchguard firewall device.

is this possible ?

so far i have a D-Link DAP-X1860 with OpenWrt 23.05.5 , a vdsl modem with 2 ethernet switch ports. pppoe connection on OpenWrt 23.05.5 runs fine.
with NAT , the watchguard is getting a privat ip via dhcp and can access internet.
i tried to leave static ip of openwrt lan empty and disabled Masquerading
but the pppoe ipv4 is not offered to watchguard.

chatgpt said it would work this way.
is Passthrough of pppoe ip even possible ?

Then let chatty explain, how, I'm curious and all ears...

What do you even want to achieve and btw, there is no "IP passthrough".

You have multiple options.

  1. Public and Private IP on OpenWrt with NAT, and your watchguard is doing NAT to.
  2. Set static routes between OpenWrt and watchguard, and doing NAT only on OpenWrt
  3. Use IPv6 and just use routing.
  4. Can't your watchguard do PPPoE, why do you have the watchguard behind OpenWrt anyway?
  5. Even more broken NAT scenario: Doing 1:1 NAT on OpenWrt and Masquerade on watchguard!

PS: Someone should jump in and tell me again how much more easy and simple IPv4 is!

1 Like

all your options do not fit in my case.
i need a ip passthrough device in front of the watchguard to handle pppoe dial in.

Something lost in translation?
In front of the openwrt, is there a modem? If yes, does watch guard support pppoe? If yes, remove openwrt and let watch guard handle the dial in.

Or like I said, you can do static routing private IP networks, or you can do double nat, either with masquerade and 1to1 or just double masquerade.

But still, the processing or forwarding of IP packets is still called routing, there is no "pass through".
(If your ISP provided device is able to do "bridge mode" is something totally different because it renders the devices to be just a plain stupid modem. Nothing more nothing less.)

And please. If you reply to someone directly then use the reply button of the post you are replying to and not the reply to thread button otherwise no one is getting a notification.

dear bernd,
there are reasons why i need a device in front of my watchgurd to handle pppoe.
ip passthrough is bridging only the dialin ip. no nat no routing no passthrough of the modem

Then please feel free to invent such a device.
I don't know if you can abuse arp proxy in a bridged setup but this is so obvious Brocken this setup I don't know where to start.
Why can you not use a private IP on the watch guard and use static routes?

no need to invent , some mikrotik , zyxel or draytek can do it and work fine
i just wanted to use openwrt bc of other reasons.

Can you point to one of their documentation which describes what the device is doing.

Without explaining -- on a technical level -- what and how you want to achieve your task, will not led you go anywhere.

PS: Its like saying: "I need SD-WAN!!1" without understanding what and whats not falling under the various terms and usages by vendors under the umbrella "SD-WAN"...

1 Like

Your openwrt is way too old to be useful for anything.
What you ask is possible with l(n&x but not via openwrt menus. No help here, ask̈ your chad