Pfsense and Router
-
@chpalmer Hi, pfSense installed on laptop and home router its a device connected to LAN (pfSense) throw LAN of this home router!
9
-
Does your home router have a WAN port? If so then that would be the only address you should see on your pfSense router.
You would be double NATting. Your home router would hand out all the addresses to your other devices.
-
@chpalmer My home router do not boot up WAN. Connection going LAN to LAN. Pfsense DO NOT show any home router ID.
-
What is the make and model of your home router?
-
@chpalmer Tp-Link 1043ND with OpenWRT
-
@antibiotic said in Pfsense and Router:
Tp-Link with OpenWRT
is the DHCP server on OpenWRT turned off? Are you using static IP addresses?
-
@chpalmer DHCP off and LAN use static IP, again for clear can see PCs behind home router connected to this router but can not see this router itself on pfSense.
-
If this router is running like a switch then you would only see it in the ARP table if at all.
The LAN page of the OpenWRT probably does not have a gateway setting to point back to pfSense.. So it will not itself know how to get out to the internet via pfSense.
-
@chpalmer LAN have this setting, that why asking! Trying to understand/
-
@antibiotic
pfSense only show DHCP leases for DHCP clients, naturally. So as the router has a static IP setting, it doesn't pull an IP from the DHCP server and hence it is not shown up on the status page. -
@viragomann Ok, clear but if to switch DHCP server on this router. Should pfSense show me this router and should this bring any problems ? This will exchange this router IP permanently every time?
-
@antibiotic said in Pfsense and Router:
but if to switch DHCP server on this router. Should pfSense show me this router and should this bring any problems ?
What do you mean? Activating the DHCP server on the router or switching the IP setting to DHCP (client)?
-
This post is deleted! -
@viragomann What is better and safely regarding my topic question?
-
@antibiotic
That's not a question of better or safer for me, it's on your own proclivity, how you want it to configure.If you need incoming traffic for devices behind to second router and you forward it on pfSense to the router, you need to have a static IP on the .
But you can as well achieve this by a static mapping in the DHCP server settings and configure the router as DHCP client. -
@antibiotic
That's not a question of better or safer for me, it's on your own proclivity, how you want it to configure.If you need incoming traffic for devices behind to second router and you forward it on pfSense to the router, you need to have a static IP on it.
But you can as well achieve this by a static mapping in the DHCP server settings and configure the router as DHCP client. -
This post is deleted! -
@viragomann Generally asking about all of this , because wanna use ntopng for my local network and afraid will i see my home router itself there? My home router working as WiFi AP as well, will have records about WiFi connections in ntopng? Lets say my kids connected to WiFi on this router and will i see in ntopng , where they are going? If will use static IP on router as describe in your previous reply like a first option.
-
@antibiotic
As @chpalmer already suspected, your secondary router seems not to be configured as a router for the devices connected to it.
Obviously all connected ports of it are member of the LAN bridge (br-lan). Otherwise pfSense would could only hand out DHCP leases for the devices behind it if you have enabled to DHCP relay on the OpenWRT.If you want to run it as router, connect its WAN to pfSense, let the home router do the DHCP server for the devices connected to it (wifi or other) or enable the DHCP relay and disable the outbound NAT.
Then you have to configure the outbound NAT for the network behind the router on pfSense manually, cause pfSense doesn't know this network and add a static route on pfSense for the network and point it to the home routers WAN IP.
Then you will also see the IPs behind the home router on pfSense and can filter them.But if you whole intention is to use it for wifi and to connect other devices to its switch, you don't need to switch it in the router mode can and leave the connection as it is.
-
@viragomann said in Pfsense and Router:
Otherwise pfSense would could only hand out DHCP leases for the devices behind it if you have enabled to DHCP relay on the OpenWRT.
I think DHCP relay working , beacuse can see DHCP leases for the devices behind WiFi router. But Firewall - NAT Rules are completely empty on this router. Is it normal? If my whole intention is to use it for wifi and to connect other devices to its switch.
