Run pfSense on a watchguard firebox x700
-
well i got into the webgui however system froze and i lost it so start again
-
Ooops! Any idea why?
Nearly there. :)Steve
-
no i dont know focused more on getting pfsense working first then i will sort out bugs on system what i refer to as the server is just a storage machine so dont really use it that much but need pfsense on wg x700 as i store everything on there wedding photos etc and i use wireless access points so i will have too sort them out after too infact i will have too redo my entire network as i had a diffrent ip adress so will have to reconfigure that after but thats not too much of a problom
-
I don't want to complicate things any further but you would probably be better connecting your main client machine to the LAN interface and the server to OPT1. It doesn't make much difference in the long term but initially the LAN firewall rules are relatively relaxed where as OPT1 will block everything.
Steve
-
yeah i know what you mean just i have another box and another internet supply for that machine as i have 2 inertent supplys and 8 computers to link up too 2 watchguards in my home 4 of the computers are wireless so that wont be too hard just need to get the main 2 sortted and the firewalls
-
Ok, following on from your PM, best to keep this on the forum where others can benefit or contribute.
Yes you will need to change one of those subnets as they are conflicting. There is no point in trying anything else until you do because the conflict will cause meaningless results only confusing matters further.
I suggest you change the pfSense LAN address rather than the modem because if you ever have to reset the modem it would re-create the conflict.At this point I am assuming you do not have access to the console menu via the X700 serial port. It is very useful to have that because you can always get back into the box that way if you accidentally lock yourself out of the webgui but it isn't necessary. To workaround the serial port quirk from the webgui do this:
Go to Diagnostics: Command Prompt: and type in the Command: boxecho 'console="comconsole"' >> /boot/loader.conf.localClick 'Execute' then type
echo 'comconsole_speed="115200"' >> /boot/loader.conf.localClick 'Execute'.
Reboot the X700 and change your serial terminal baud rate to 115200bps. You should now see the console menu. :)As I say you don't have to do that but may help later.
To change the LAN subnet in the webgui go to Interfaces: LAN:
In the section marked 'Static IPv4 configuration' change the IP address to something other than 192.168.1.1/24. For example you could use 192.168.100.1/24. Leave everything else as is. Click 'save' but DO NOT click 'Apply changes'. As the message says you have to change the DHCP range to agree with your new LAN settings.
Go to Services: DHCP Sever: LAN: (there may only be one tab at this point and LAN will be first anyway)
Change the 'Range' fields so they are inside your new LAN subnet, so for example 192.168.100.10 to 192.168.100.50.
Click 'save'.
Go back to Interfaces: LAN: and click 'Apply changes'.You should now be able to connect on the new IP address once you have told your Windows box on LAN to request a new IP (or rebooted it). Sometimes with big changes like this it's necessary to reboot the pfSense box for the changes to fully apply so try that if it's not working.
Now you can connect your modem and you should have internet access.
Since your modem is using PPPoE you may be able to put it in bridge mode and use pfSense to connect directly. This removes any limitations the modem may be introducing and puts your public IP on the pfSense WAN interface. Who is the ISP(s)?
Also since you have two DSL connections you could put both of them on the X700 and do load-balancing or fail-over. Just a thought for the future. ;)
Steve
-
thank you for your reply i have changed the lan ip adress however i see the diagnostic icon on the top righthand side of the webgui but i cant click on it the same with all them only one i can click on is system thats it very strange indeed
-
oooh i forgot too mention the isp provider is a company called talktalk.net in the united kingdom
-
Hmm, that is strange. The webgui uses javascript for the menus, they should appear beneath the titles when you mouse-over them, perhaps you have that disabled in your browser?
I am familiar with TalkTalk. I've spent hours on hold waiting for their legendarily terribly customer support! ::) Perhaps I was just unlucky.
I take it you have their fibre option if you're using PPPoE? With the separate Openreach modem?Steve
-
im on the 16mb im using talktalk on 1 internet but 100mb on virgin on the other but for the firebox im using 16mb as thats just for updating thats all and the tv till my contract runs out diabolical customer service and there level 2 techys couldnt solve a problom if they had the answers in front of them
-
:D Perhaps I wasn't just unlucky then.
So your Virgin connection is PPPoE?
It doesn't matter at this point really. Just thinking ahead.
Steve
-
i think so yes however im only focusing on getting the talktalk on the fbox at the moment
ive checked the javascript and made sure it was enabled in i.explorer and it is on so im lost at this point -
Try Firefox or Chrome.
If you can click on System you can go to General Setup and change the theme. If you choose the theme 'pfsense' it has fixed menus down the side.
Steve
-
i cant seem to get on the webgui again think i will start from scratch >:(
-
i got the console working right via google so now im ready to try and sort this out
-
hi all i got the iternet on then it went off i got the console working finally just rebooting it now just a bit stuck as too why the internet went off any ideas ??
-
oooh i forgot too mention i got ssh enabled now and im tring too get the screen working also
-
-
back on again i think my anti virus which has a built in anti virus is blocking it
need to do more diagnostics i think stephen how do i get the lcd to work ?
as your the expert at that from what ive read -
Most reliable way? This, which I just put up yesterday: http://forum.pfsense.org/index.php/topic,7920.msg344513.html#msg344513
Working great for me but I've had no feedback yet.Steve
