Hardware purchase advice please
-
Steve are you able to help with this….
OK so usually I give all my devices a fixed network IP by binding the device mac to an IP on the range.
So I have one device hooked up to LAN3 which has IP 192.168.3.1
OK... so I go to DHCP Server then select LAN3 then I go to the bottom to DHCP Static Mappings for this interface.
I add the mac and give it an ip of 192.168.3.10
I have the pool set to 192.168.3.10 - 192.168.3.245I've tried different IPs that I know are not in use within the above range also, but The following input errors were detected:
The IP address must not be within the DHCP range for this interface.
I get the following error
It will however allow me to add ips from 1-9 192.168.1.2 etc.
But that's not within the poolIs this some kind of bug?
-
Not seeing the NAS maybe due to a NetBIOS issue. More specifically NetBIOS won't cross subnets unless there is a device on all four subnets to manage it across those subnets. This is similar to the situation you'd run into if you were also using mDNS.
-
I've tried different IPs that I know are not in use within the above range also, but The following input errors were detected:
The IP address must not be within the DHCP range for this interface.
I have fallen foul of this several times. Each time it was because I consistently misread the error message.
The static leases you assign must NOT be within the DHCP lease pool. No idea why but I seem to skip over the word 'not' every time. ::)
So for your interface your have a lease pool of 192.168.3.10-245. When you try to assign a static mapping to 192.168.3.10 it won't allow it. You could use 192.168.3.9 for example. Or any thing in the ranges 192.168.3.2-9 or 192.168.3.246-254Steve
-
This post describes a possible solution to this without bridging:
http://forum.pfsense.org/index.php/topic,60400.msg326309.html#msg326309Steve
-
I've tried different IPs that I know are not in use within the above range also, but The following input errors were detected:
The IP address must not be within the DHCP range for this interface.
I have fallen foul of this several times. Each time it was because I consistently misread the error message.
The static leases you assign must NOT be within the DHCP lease pool. No idea why but I seem to skip over the word 'not' every time. ::)
So for your interface your have a lease pool of 192.168.3.10-245. When you try to assign a static mapping to 192.168.3.10 it won't allow it. You could use 192.168.3.9 for example. Or any thing in the ranges 192.168.3.2-9 or 192.168.3.246-254Steve
Thanks steve,
strange way of doing it.
I guess I would not be able to use 192.168.1.1 since this is used the router and surely would cause issues right?Also, not sure if you can advise me with this.. was hoping so… I want to use OpenVPN but have it so it only works on specified LAN adapters rather than all.
Is there a way I can do this? -
Is this some kind of bug?
No. That is the intended behaviour. DHCP static address assignments must be outside the pool of "dynamic" address assignments.
Consider this a measure to help reduce the likelihood of duplicate address assignments. If you add a new static assignment within the pool there is no easy way to tell if DHCP is about to assign the same address to a system requesting DHCP configuration.
-
I guess I would not be able to use 192.168.1.1 since this is used the router and surely would cause issues right?
Right. You can't use the interface address.
Also, not sure if you can advise me with this.. was hoping so… I want to use OpenVPN but have it so it only works on specified LAN adapters rather than all.
Is there a way I can do this?Yes. You can put in firewall rules to catch traffic from your selected clients and set the gateway they use as the OpenVPN gateway. You may want to setup a failover group such that they can still connect in the event the VPN goes down.
Steve
-
I guess I would not be able to use 192.168.1.1 since this is used the router and surely would cause issues right?
Right. You can't use the interface address.
Also, not sure if you can advise me with this.. was hoping so… I want to use OpenVPN but have it so it only works on specified LAN adapters rather than all.
Is there a way I can do this?Yes. You can put in firewall rules to catch traffic from your selected clients and set the gateway they use as the OpenVPN gateway. You may want to setup a failover group such that they can still connect in the event the VPN goes down.
Steve
Thanks.. I'm trying to get IPVanish working now…
I'm reading this... http://swimminginthought.com/pfsense-routing-traffic-strongvpn-openvpn/
The part that I find a little concerning is the part at #14 where it says...Now go to the the WAN Tab and create the same rule. (Weird,while it doesn’t make sense, if this rule is missing, it didn’t work for me.)
Does it mean, add a new rule and do..
Action: pass
Interface: WAN
Protocol: any
Then I need to set the gateway to the VPN Gateway.But adding such rule at the WAN is ok?
-
Hmm, that guide seems too vague for my liking in some areas. You shouldn't have to add that rule to WAN, why is it there? Also the guide says to add an allow any to any from any to the VPN interface but here the VPN interface is acting as your WAN so you have allowed any traffic including any random incoming stuff. :-
I would look at some other guides if I was you. There are a few here on the forum.Steve
-
Hmm, that guide seems too vague for my liking in some areas. You shouldn't have to add that rule to WAN, why is it there? Also the guide says to add an allow any to any from any to the VPN interface but here the VPN interface is acting as your WAN so you have allowed any traffic including any random incoming stuff. :-
I would look at some other guides if I was you. There are a few here on the forum.Steve
Thanks steve, that's what I was thinking too.
It did not make much sense to me.
I was able to get HideMyAss working without a WAN rule.
But IPVanish is just having non of it :( -
Still struggling with this.
http://forum.pfsense.org/index.php/topic,61973.0.htmlA little concerned about locking myself out of the router.
But this has to be possible? -
Hi Steve,
I want to add a 2.5 HDD to use for Squid.
What is the best way to add this into the pfSense system so it's seen and can be used?
thanks
-
The best and easiest way to do this is to use the HD as the boot media and remove the flash card completely.
Whilst it is possible to get the drive to mount automatically at boot and to set Squid to use it for its cache it is not a supported configuration. It would likely be broken by a firmware update.
Steve
-
The best and easiest way to do this is to use the HD as the boot media and remove the flash card completely.
Whilst it is possible to get the drive to mount automatically at boot and to set Squid to use it for its cache it is not a supported configuration. It would likely be broken by a firmware update.
Steve
Hi Steve,
Thanks for your advice.
I did manage to find a tutorial after typing this.
So I'm going to give it a bash.
I do have a 2.5 hd spare, one that come out of a ps3 when I changed the had for a larger size.
To prepare the hdd for FreeBSD so the os can use it.
What is the best way?
I'd be doing this in windows using a usb 2 sata adapter.
Is there a windows app that will prep the hd? -
It's almost certainly easier to format the disk from pfSense directly. I don't think there is any convenient way of writing UFS from Windows. This might help: http://doc.pfsense.org/index.php/Local_Disk_Storage_on_Embedded_%28soekris%29
Steve
