Windows giving all vlans the same network profile
-
Hello,
I'm not sure if this is the correct forum for this question since I believe that it might be an issue with Windows' NLA.The scenario that I'm dealing with is:
I have a Windows machine that has two NICs.
The NICs are on separate vlans.NIC/VLAN #1:
- Gateway Connection-specific DNS Suffix: example1.com
- DHCP Enabled: Yes
- IPv4 Address: 172.16.30.243
- IPv4 Subnet Mask: 255.255.255.0
- IPv4 Default Gateway: 172.16.30.1
- IPv4 DHCP Server: 172.16.30.1
- IPv4 DNS Server: 1.1.1.1
- IPv4 WINS Server:
- NetBIOS over Tcpip Enabled: No
NIC/VLAN #2:
- Connection-specific DNS Suffix: example2.com
- DHCP Enabled: Yes
- IPv4 Address: 192.168.50.119
- IPv4 Subnet Mask: 255.255.255.0
- IPv4 Default Gateway: 192.168.50.1
- IPv4 DHCP Server: 192.168.50.1
- IPv4 DNS Servers: 192.168.50.14, 192.168.50.15
- IPv4 WINS Server:
- NetBIOS over Tcpip Enabled: No
The issue is that Windows is giving both NICs/VLANs the same network profile which is preventing me from setting one as a Public network and the other as a Private network.
I'm assuming there isn't a setting I can change in pfsense to make them show up as different network profiles in Windows?
Any guidance here would be greatly appreciated.
best,
jac -
@jac Why two gateways? That seems problematic. Not sure that’s related to your issue though.
Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
Upvote 👍 helpful posts! -
Probably both gateways have the same MAC address if they are VLANs on the same NIC. Windows uses that to identify the DHCP server I believe.
If you can change that I imagine it will workaround the issue. Seems like a Windows problem though I agree.
Steve
-
@SteveITS yeah concur multihoming is almost always problematic.. If you do need a connection to another network like a backup network or san (storage area network) its best not to set a gateway on that network.
As to the same windows profile firewall problem - I do believe NLA uses the mac of the gateway as mentioned by @stephenw10
One way to change that would be to use a different physical interface for these networks on pfsense. But personally I would rethink the need for multihoming the box in the first place - what exactly are you trying to accomplish with doing that?
My pc is multihomed.. But the 2nd network is just direct to my nas on a network that can't go anywhere other than the other host on the end of the wire. This is my san if you will.. This network is 2.5ge between my nas and pc used to transfer files back and forth. This network has no gateway, because there isn't one that could get it to other networks, and no dns either. This connection is only used when talking to the device on the other end of the 2.5ge connection.
