WAN packetloss after IP change on a LAN computer
-
I have installed pfSense and configured it with multiWAN, but I am running into a strange issue today.
When I change the IP address of a computer that is connected to the LAN interface to an IP address that is in a different IP range than pfSense, the packetloss to both WAN connections is 100%. After changing the IP address back to the IP range for the LAN interface and rebooting Pfsense everything works fine again. I just want to use another IP range on some computers that are in the same physical network (they don't need an internet connection and have no gateway configured). Everything in the internal network (the LAN interface) is still available, and I can still reach pfSense fine. I also can't ping the WAN gateway from the pfSense console. Any thoughts on this issue?
-
New pfSense has three LAN rules, in this order:
- Allow connections to the Web GUI on the LAN interface of the pfSense from any subnet
- Allow traffic that is sourced from an IP address in the same subnet as the interface
- (implied rule at the end of the list, does not normally explicitly appear) drop all traffic that didn't match one of the allow rules
You need to either change the default allow rule to allow every subnet you want, or add another rule that allows the subnet you're interested in.
Note that if your computers on the other subnet don't have some way to route traffic to the pfSense, you won't be moving traffic this way probably (like if those computers want internet access through this pfSense). You may want a virtual IP address on the LAN interface so that the pfsense has an IP address on both subnets to use, or something like that.