"The IP address must not be within the DHCP range for this interface"
-
Right, a very basic run down of what I have. Have replaced our corp firewall at work with pfSense. Am running 5.0-BETA. We have an XBox at work for the downtime and I need to open up some ports for it to work properly with XBox Live (http://support.xbox.com/en-gb/pages/xbox-360/troubleshoot/kb/xbox-kb.aspx?kbid=908874). The XBox has an IP from the scope I'm using (192.168.2.4). I pulled the MAC address from the DHCP leases link in pfSense and now want to add a DHCP reservation so that I can add a rule that locks down access to the above ports to the XBox only.When I try to assign the address (or any address in the scope) to a reservation under the DHCP Serve link, I am shown the above error. I don't understand why as without the ability, how can I lock down the rules? The rules will become invalid if something else picks up the current IP address of the XBox.
Many thanks for any light you can shed!
:) -
On pfSense DHCP server the DHCP address range specifies the range of addresses available for assignment to ANY MAC address. DHCP static IP address assignments must be outside that range.
Hence you need to either
-
split your current range(s) so that the current IP address isn't included; OR
-
assign the XBOX a different IP address, one outside the DHCP address range
-
-
You might want to read this page to better understand why you can't have a static DHCP entry inside of your pool:
http://doc.pfsense.org/index.php/Why_can%27t_I_have_static_mappings_inside_my_DHCP_range%3F
-
Hi Jimp,
While I understand the link, I find this statement odd:
"An example: If your DHCP pool is from 192.168.0.10 to 192.168.0.250, and you define a static mapping for 192.168.0.25. If the PC that normally has 192.168.0.25 is ever offline, another device could be assigned 192.168.0.25. When the other machine powers back up, it will not be able to get 192.168.0.25 because it is currently in use."
What's the point of using MAC addresses if the reserved addresses can be assigned to other machine? Surely that's the point of using the MAC address. All other dhcp servers I've used allow the assignment of addresses from the range. This was why I was confused.
-
Read it again. A DHCP static map is not a reservation. That's just how the DHCP daemon we use works. The MAC address has nothing to do with the scenario given there.
If you were to put a static map in the pool, and the machine with the static map is offline, and that IP comes up in the pool rotation, it will be handed out to someone else.
-
Ah ok. I was, as you say reading it as a reservation as up until this point my experience had been building DHCP on Windows servers and the odd home router setup where that's generally how DHCP static assignments within your given range would work.
Thanks for clearing that up.
:-)
