Problem with setting for 1wan 2lan

alanlai88

Firstly, I have tried to use search and read many posts on this forum even on pfsense.com for serval hours and can't find the answer.

I just want to setup a pfsense with 1wan and 2lan.

Pfsense version: 1.2.3

• Hardware on pfsense computer: onbroad lan x 1, PCI 10/100M lan x 2, 2.4G CPU, 1G RAM, 40G harddisk
• 2 workstations with Windows 7 installed
• WAN setting: sis0, DHCP
• LAN setting: fxp0, DHCP, IP:192.168.0.254/24
• OPT1 setting: fxp1, bridge with LAN

The situation for now are:

• I can connect to pfsense server from workstation A, open webgui and access to internet with no problem
• I can't connect to pfsense server from workstation B, even webgui and access to internet

I'm also tried to seperate two LAN (without using bridge), however when I selected Interfaces –> OPT1 --> DHCP + Bridge with "none" + IP address "192.168.1.254/24" --> Save, the IP address won't save when I click into OPT1 again for checking

I don't know what's wrong with the mentioned setting. Could anyone give a hand?

wallabybob

@alanlai88:

I'm also tried to seperate two LAN (without using bridge), however when I selected Interfaces –> OPT1 --> DHCP + Bridge with "none" + IP address "192.168.1.254/24" --> Save, the IP address won't save when I click into OPT1 again for checking

I don't know what's wrong with the mentioned setting. Could anyone give a hand?

I don't have an explanation. However, I have seen things in pfSense that have lead me to believe that it doesn't always clean things up when configurations change. Perhaps there is some memory that fxp1 WAS in a bridge and hence it shouldn't have an IP address.

@alanlai88:

The situation for now are:

• I can connect to pfsense server from workstation A, open webgui and access to internet with no problem
• I can't connect to pfsense server from workstation B, even webgui and access to internet

Is workstation B on fxp1? Does it use DHCP for configuration? If so, do you have a firewall rule on fxp1 to allow DHCP traffic?

alanlai88

@wallabybob:

Is workstation B on fxp1? Does it use DHCP for configuration? If so, do you have a firewall rule on fxp1 to allow DHCP traffic?

Yes, workstation B is on fxp1.

If I want fxp1 bridge with fxp0, fxp1 will use DHCP automatically because of fxp0 is using DHCP, am I right?

Firewall rule on fxp1 already set to any to any.

wallabybob

@alanlai88:

If I want fxp1 bridge with fxp0, fxp1 will use DHCP automatically because of fxp0 is using DHCP, am I right?

DHCP will be enabled on fxp1 when fxp1 is bridged to fxp0 and DHCP is enabled on fxp0. DHCP on workstation B is configured entirely independently.

@alanlai88:

Firewall rule on fxp1 already set to any to any.

There are more than two parameters in a firewall rule (protocol, source IP, source port, destination IP, destination port etc). Firewall rules described as "any to any" won't necessarily pass DHCP requests. For example, protocol=TCP, source IP=any, source port=any, destination IP=any, destination port=any won't pass DHCP traffic. Also, preceding rules are important because the first rule to match a packet determines what happens to the packet.

I suggest you reboot workstation B, see what IP address it has and if the IP address is in the DHCP range. If the IP address is out of the DHCP assigned range take a look in the firewall log (Status -> System logs, click on the Firewall tab) to see if the firewall blocked the request.