6100 initial setup problems - enabling DHCP on all 4 LAN ports
-
Apologies for the absence - other projects got dumped on me - so now Im back here and I'm still stuck.
Thus far I have the separate interface opt7 as a bridge and lan2-4 assigned to it. the firewall rules on the bridge are the same as what's on lan1 (the default).
also, tried setting up wan2 as management and that's not going anywhere either.
so as it now stands i have 1 working wan and 1 working lan port.
-
How did you setup WAN2?
I would expect to need to:
Set it to a static IP in a new unused subnet.
Enable DHCP on that interface with a pool inside the new subnet.
Add pass firewall rules on the interface.Then you should be able to connect to it directly and access the pfSense GUI.
-
@stephenw10
Well - that's one issue right there - I don't see how to setup DHCP on the WAN interface - only LAN is listed under the DHCP Server options.Well - I'm going back to the defaults again - I suspect something along the way got wrapped around the axle again.
-
The DHCP Server setup only shows interfaces that it can run on which means only those with static IPs. By default WAN2 is configured as dhcp which is why the first step is to set it as static.
-
@stephenw10
Weird - I did that and used a different network... ok - starting from scratch and maybe this time through it will all make sense.So to recap.. from default config...
Interfaces - create bridge group and add lan2-4
create interface (default name is opt7) and assign it to the bridge groupon wan2 - assign static ip / different network / and should then appear as option for dhcp server (change default from /32!!!)
firewall rules - copy LAN to Wan2/Management interfaceSo now - im getting my dhcp ip on the management interface but still unable to go anywhere - what checkbox am i missing now?
-
@Username00 said in 6100 initial setup problems - enabling DHCP on all 4 LAN ports:
firewall rules - copy LAN to Wan2/Management interface
The default LAN rule uses 'LAN subnet' as the source but that's not valid on the WAN2/MGMT interface. So if you just copied it it will not pass traffic. Change it to 'WAN2 subnet' or any.
-
@stephenw10
AHHH - that's what that means!
OK - So now I'm good on Management - now I'm in the process of moving the LAN config over to the LANBridge.And I wound up breaking Management and the bridge..... (that default /32 on static ip got me again)
OK - I figured out via .xml how to migrate my static dhcp reservations from LAN to LANBridge - and now I think I'm good to go.
Holy crap!OK - going to save this config - start from scratch to make sure I didn't miss anything - then hook it up.
Next stop - Wireguard - (but that will be a different thread)
Thanks!
-
If you eventually reassign LAN to bridge0 the static DHCP leases and firewall rules etc would all follow that.
But, yes, it's super easy to get locked out whilst setting up a bridge (ask me how I know!). Having the mgmt interface available to connect to whilst you get the bridge configured makes it much easier.
-
What was interesting was that the dhcp config from LAN did not follow over - but it was still present in the .xml file. So easy enough to copy those entries from <lan> to <opt7>.
Lots of good gotcha items - and will post a nice document here once I've got it all sorted out for others to use.
-
If you had to copy it to opt7 then you had not yet re-assigned lan as the bridge0 interface. Once you do that everythign that was applied to the original LAN interface would apply to the bridge and hence all the bridged interfaces.
