Two subnets
-
@johnpoz Asus router have on WAN option Forward local domain queries to upstream DNS. Is it better to keep ON, because have pfBlockerNG on pfSense? or it doesn't matter
-
@johnpoz Thank you for perfect explanation with a schemes , have in mind a lot new! You are the best)))
-
@johnpoz So finally better to switch OFF NAT and firewall on Wireless router and set on pfSense router interface LAN 192.168.11.1/29 not 24. Is it correct?
-
@Antibiotic Invalid DHCP pool 192.168.11.10 - 192.168.11.30 for WIFI subnet 192.168.11.0/29 detected. Please correct the settings in Services, DHCP Server
-
@Antibiotic if you set a /29 on pfsense interface - how would you think you could have a dhcp range of .10 to 30?
You don't have to use the /29 as your transit.. That just a example, you can use any network you want for your transit network.
-
@johnpoz So can leave 192.168.11.1/24?
-
@Antibiotic sure.. keep in mind a transit network shouldn't have any "hosts" on it - so not sure why would would "need" a /24.. but sure you can use it as long as doesn't overlap with other networks. When you put hosts on a transit network your most likely going to run into asymmetrical routing problems.
-
@johnpoz So you mean better do not put any devices in LAN of Wireless router?or what it mean hosts?
-
@Antibiotic yeah a device.. be it a phone or pc or anything that is going to talk to anything.. Ie not a router.. These devices do not belong on a "transit/connector" network..
-
@johnpoz So , again misunderstanding, I can use LAN of Wireless router to connect devices but this devices should belong to transit network. Is it correct? Should be in network for example 192.168.11.0/24
-
@Antibiotic dude if your going to use your 11 network to connect your router.. Then those should be the only thing on that network pfsense and your downstream router.
Put your stuff on either the 10 network or the 12 network behind your router...
-
@johnpoz So LAN of Wireless router should set for example 192.168.50.1 , Its correct?
-
@Antibiotic what? Yes you can use any network you want, as long as its doesn't overlap with yoru lan (10 network) or your lan 2 (11 network)...
-
@johnpoz Thank you very much)))
-
@Antibiotic
pfSense LAN static 192.168.11.1/29 DCHP POOL 192.168.11.1-192.168.11.6
Wireless router WAN :
IP Address static 192.168.11.2
Subnet Mask 255.255.255.0
Default Gateway 192.168.11.1
DNS 192.168.11.1
Wireless router LAN:
IP Address192.168.13.1
Subnet Mask 255.255.255.0
DCHP POOL 192.168.13.1-192.168.13.5
Wireless router NAT and Firewall disabled, router itself have internet but Laptop and Phones, no any internet, please what I'm doing wrong? -
@Antibiotic why are you changing the IP ranges to /29?? Just leave all your networks /24, not like you have a limted amount of space to work with..
And you have a mask mismatch, you have /29 on pfsense and /24 on your 2nd routers wan????
Did you setup the gateway and route in pfsense for this downstream network? All of the info you need on how to do a downstream router is right there on drawing..
This is perfect example of why you don't complex this up.. Even if you get it working, its clear your not going to have any idea "why" its working.. Or how..
-
@johnpoz Did back to /24 no result, see on picture" pfSense interface rules must pass traffic from downstream subnets not just the interface subnet. Should me create some firewall rule?
-
-
@johnpoz Please calm down))) Where should to create on pfsense router or Wireless router? Static routes? from where to where. Lets say I'm a seaman and if you start asking how to load a vessel may be also going to crazy))) Please step by step
-
@Antibiotic I have given you all the info any person could ask for..
But how can you not understand you would need to create a firewall rule to allow a downstream network? It right there in the drawing to remind you..
If you do not understand basic concepts of networking - your going to have a really hard time..