Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    CP, trying to setup dual LAN, need guidance

    Scheduled Pinned Locked Moved Captive Portal
    29 Posts 4 Posters 10.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • H
      hoba
      last edited by

      Once a user has authenticated the firewallrules present at the cp enabled interface are obeyed, so you can give them access to lan or a single host or special ports or whatever. All depends on the rules.

      1 Reply Last reply Reply Quote 0
      • S
        stephen
        last edited by

        Ok so everything I described can be done then?  I guess I just need more patients to debug it because it wasn't working correctly.

        Stephen Crawford

        1 Reply Last reply Reply Quote 0
        • H
          hoba
          last edited by

          It should work ok for you if I get you right.

          1 Reply Last reply Reply Quote 0
          • S
            stephen
            last edited by

            Ok so what am I missing here, when I try to enable DHCP server on OPT1 it says:
            Subnet 
            Subnet mask 0.0.0.0
            Available range 0.0.0.0 - 255.255.255.255

            And won't let me choose a range.  Keeps saying "The specified range lies outside of the current subnet."

            Oh and I'm using 1.0.1

            Stephen Crawford

            1 Reply Last reply Reply Quote 0
            • H
              hoba
              last edited by

              Your interfaces>opt1 config must be invalid. It calculates the values from what is set there.

              1 Reply Last reply Reply Quote 0
              • S
                stephen
                last edited by

                Ok I set it correctly there except after I go to DHCP server->OPT1 it disappears and reverts back the set IP range.

                Heres more details from the interface status page:
                rl1 LAN
                Status  up
                IP address  10.0.100.1 
                Subnet mask 255.255.255.0

                rl0 OPT1
                Status  up
                DHCP up 
                IP address 0.0.0.0 
                Subnet mask 255.0.0.0

                Stephen Crawford

                1 Reply Last reply Reply Quote 0
                • H
                  hoba
                  last edited by

                  Why did you set opt1 to dhcp? It doesn't get a lease. There doesn'T seem to be a server on that interface.

                  1 Reply Last reply Reply Quote 0
                  • S
                    stephen
                    last edited by

                    Hm, well that would make sense, now wouldn't it!  Maybe you can append a note to that page, "if you're trying to setup a DHCP server on this interface, select static"

                    I should be good to go after a little more tampering, thanks for all your help.

                    Stephen Crawford

                    1 Reply Last reply Reply Quote 0
                    • H
                      hoba
                      last edited by

                      That option is for dhcp client, not as dhcp server  ;)

                      1 Reply Last reply Reply Quote 0
                      • S
                        stephen
                        last edited by

                        ::)

                        Ok, ran into another snag.  I've got the access point all configured correctly so its on 10.0.200.5, I can access from the LAN it and it passes thru CP, now the next item on the agenda would to make CP work on OPT1.  When I try to access the net from my laptop it says it can't find the server, although its connected properly and has an IP address (10.0.200.244).  I can access the access point config since I setup 10.0.200.50 as an allowed "from" ip in CP.

                        Any ideas?  Its probably something simple I'm just overlooking as I did before  :-X

                        Edit: I can also access the CP page (http://10.0.200.1:8000/) from my LAN.
                        Edit 2: I have a rule for OPT1 also set, from OPT1 subnet to any.

                        Stephen Crawford

                        1 Reply Last reply Reply Quote 0
                        • H
                          hoba
                          last edited by

                          Make sure clients at opt1 are using the pfsense opt1 IP as dns.

                          1 Reply Last reply Reply Quote 0
                          • S
                            stephen
                            last edited by

                            Yep, the access point is configured with dns and gateway of 10.0.200.1, double checked my laptop and it confirms this.

                            Stephen Crawford

                            1 Reply Last reply Reply Quote 0
                            • H
                              hoba
                              last edited by

                              Try to delete the allowed IP OPT1 IP. Not sure if this prevents the redirection to the CP page.

                              1 Reply Last reply Reply Quote 0
                              • S
                                stephen
                                last edited by

                                Hm, ok removed the allowed IP in CP.  Still isn't forwarding to the CP login page.

                                Another note, can't access http://10.0.200.1:8000 from OPT1 but can from the LAN.

                                Stephen Crawford

                                1 Reply Last reply Reply Quote 0
                                • H
                                  hoba
                                  last edited by

                                  What version are you running?

                                  1 Reply Last reply Reply Quote 0
                                  • S
                                    stephen
                                    last edited by

                                    1.0.1 full install

                                    Stephen Crawford

                                    1 Reply Last reply Reply Quote 0
                                    • H
                                      hoba
                                      last edited by

                                      Then I'm out of ideas  :-\

                                      1 Reply Last reply Reply Quote 0
                                      • S
                                        stephen
                                        last edited by

                                        Ok another idea, disabled CP and I still can't get out to the internet from OPT1…  I'm close, I can taste it.

                                        Stephen Crawford

                                        1 Reply Last reply Reply Quote 0
                                        • H
                                          hoba
                                          last edited by

                                          Try to reboot, maybe something broke somewhere in between the misconfigurations.

                                          1 Reply Last reply Reply Quote 0
                                          • S
                                            stephen
                                            last edited by

                                            Another question before I do though, what should the gateway be set to on OPT1, the same as the LAN one?

                                            Edit: getting traffic thru OPT1 after the reboot, no gateway set on OPT1 now also.

                                            Edit 2:  ;D yay! its working!!

                                            Stephen Crawford

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.