4100 LAN[234] setup problems
-
I have done initial setup of a Netgate 4100 with pfSense, including upgrades to latest stable software. It is getting connectivity to the outside via an internet gateway router's LAN interface (192.168.2.1) on the pfSense's WAN interface. The gateway router, if it matters, is giving out v4 addresses in the 192.168.2.100-254 range on a LAN interface. The IPv6 WAN configuration setting on it says DHCPv6-PD. The LAN interface on the 4100 works fine. This is for a small network, and I configured it to use 192.168.3.1/24. From the there I used the pfSense console to configure LAN[234]. Those are not yet working, and that's where I need some advice. If I take the ethernet cord out of the LAN port and stick it in the LAN2 (or others), I can get an IP addres, but I can't ping the gateway, or route to the internet. I want to connect a switch via an ethernet cable to one of these and connect other devices, both wired and wireless, through that to the internet. I watched some tutorials and did the following. I'll use LAN2 as the example, but I did basically the same thing with 3 and 4, with different class Cs (192.168.4.1/24 for LAN2, 192.168.5.1/24 for LAN3, 192.168.6.1/24 for LAN4).
- Tried to configure LAN2 exactly like LAN1:
** Static IPv4
** I tried to choose "Track Interface" for IPv6 Configuration type, but it told me that was taken, so I tried both DHCP6 and None) - IPv4 Address: 192.168.4.1/24
- IPv4 Upstream gateway: None
- Otherwise defaults
- For each of LAN[234], enabled the DHCP server on, for example, the subnet 192.168.4.0/24, for the pool range 192.168.4.100-254
- Went into Firewall... Rules, and:
** Examined the LAN rules ( Anti-Lockout Rule, Default allow LAN to any rule, Default allow LAN IPv6 rule)
** Copied the 2nd and 3rd of those rules to LAN[234]
I saved, applied and reloaded various services, but I still can't connect.
To recap the specific things I can and can't do:
- CAN DO: connect laptop via ethernet cable to LAN port, get IP address (192.168.3.100), ping gateway (192.168.3.1), reach internet router (192.168.2.1) and internet, resolve DNS even without further configuration, ping and even configure other LAN ports [234]
- CAN DO: connect laptop via ethernet cable to LAN[234], get IP address from the pool, typically 192.168.[456].100
- CAN'T AND WANT TO DO: with laptop connected via ethernet cable to LAN[234], ping gateway (192.168.[456].1), internet gateway (192.168.2.1) or internet
Any advice on a path forward here will be much appreciated
- Tried to configure LAN2 exactly like LAN1:
-
@netgatecustomer2485 Can you screen cap the new rules? For instance a new rule in pfSense defaults to TCP not "IPv4 *".
-
Thanks for offering to help. I read the manual a bit more. I needed a bridge.
-
@netgatecustomer2485 said in 4100 LAN[234] setup problems:
I read the manual a bit more
I'll save you the trip to the manual.
LAN[234] will reply your pings if you allow it to do so. Typically : use a firewall rule on LAN[234] that let ICMP pass.Bridge : on a 4+2 port 4100 ?
The non technical solution : get an inexpensive 5 port 1Gb switch. True : this will consume about 8 W x 24 x 365 = 70 Kwh per year, that nearly 4 € or 4 $ a year.
This will make maintenance live easy on you.
