Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Install and configured (non-working internet)

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    24 Posts 10 Posters 4.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S Offline
      stealthrt
      last edited by

      What screenshots would you need to see from my setup in order to determine where i am not setting up something correctly?

      1 Reply Last reply Reply Quote 0
      • johnpozJ Offline
        johnpoz LAYER 8 Global Moderator
        last edited by

        " i setup my LAN with 7.7.7.1."

        Dude - that is just WRONG.. unless you own public IP space you should be using rfc1918 on your lan.  If you don't like the default 192.168.0.0/24 then use any of the other of millsions of networks you could use 10.x.x.x/?  192.168.x.x/?, 172.16-31.x.x/?

        You can not just pick some random public IP address range ouf of thin air and use it..

        And again why would it be better to have 7 to your switch vs 1?  Again are you going to be lagging them, do you plan on having more than 1 segment, do you even know what a segment/vlan is?  Do you have a switch that supports vlans?

        Yes I would love a board that has 8 nics to use as a router - but don't really need that many in most setups.. Could of saved some bucks if you don't have use of that many nics.  Ethernet ports in nic cards are not switch ports!!!

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 25.07.1 | Lab VMs 2.8.1, 25.07.1

        1 Reply Last reply Reply Quote 0
        • H Offline
          hda
          last edited by

          @stealthrt:

          What screenshots would you need to see from my setup in order to determine where i am not setting up something correctly?

          Software pfSense tab-pages, specifically from 192.168.9.1 :80 ?, preferably from 192.168.1.1 :80

          • Interfaces: Assign network ports
          • Status: Interfaces
          • Interfaces: WAN
          • Interfaces: LAN

          [Or maybe your hardware of 7 switches(16) for 7 LAN's for 105 workstations or the like.]

          1 Reply Last reply Reply Quote 0
          • KOMK Offline
            KOM
            last edited by

            More importantly, is that a picture of Chef Emeril Legasse in the last two images?

            1 Reply Last reply Reply Quote 0
            • K Offline
              killmasta93
              last edited by

              More importantly, is that a picture of Chef Emeril Legasse in the last two images?

              lolz i had to zoom into the photo priceless  ;D

              Tutorials:

              https://www.mediafire.com/folder/v329emaz1e9ih/Tutorials

              1 Reply Last reply Reply Quote 0
              • A Offline
                almabes
                last edited by

                Seven LAN ports…BAM!
                ;)

                1 Reply Last reply Reply Quote 0
                • S Offline
                  stealthrt
                  last edited by

                  Would those who are serious here on this forum to help others please PM me so that I can not waste my time reading stupid reply's that help me 0% to my original question for help. Thanks.

                  1 Reply Last reply Reply Quote 0
                  • DerelictD Offline
                    Derelict LAYER 8 Netgate
                    last edited by

                    Reset to factory.

                    Configure your WAN.

                    Leave LAN at default.

                    Plug a computer into LAN.

                    You'll be online.

                    Then add one system at a time.  No need to fart around with a wireless access point if you don't have working internet yet.

                    Chattanooga, Tennessee, USA
                    A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                    DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                    Do Not Chat For Help! NO_WAN_EGRESS(TM)

                    1 Reply Last reply Reply Quote 0
                    • S Offline
                      stealthrt
                      last edited by

                      @Derelict:

                      Reset to factory.

                      Configure your WAN.

                      Leave LAN at default.

                      Plug a computer into LAN.

                      You'll be online.

                      Then add one system at a time.  No need to fart around with a wireless access point if you don't have working internet yet.

                      Thanks for the helpful advice, Derelict.

                      Now what do i need to set the other LANs 3-8 to/as so that it mimics like LAN 2 is currently set to?

                      1 Reply Last reply Reply Quote 0
                      • DerelictD Offline
                        Derelict LAYER 8 Netgate
                        last edited by

                        How am I supposed to know what LAN 2 is currently set to?

                        Assign the interface
                        Edit the interface, assign an IP address/subnet
                        Edit DHCP to match
                        Create firewall rules

                        Chattanooga, Tennessee, USA
                        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                        Do Not Chat For Help! NO_WAN_EGRESS(TM)

                        1 Reply Last reply Reply Quote 0
                        • S Offline
                          stealthrt
                          last edited by

                          @Derelict:

                          How am I supposed to know what LAN 2 is currently set to?

                          Assign the interface
                          Edit the interface, assign an IP address/subnet
                          Edit DHCP to match
                          Create firewall rules

                          Lan2 is set to 192.168.1.1 (static) (with a DHCP range from 192.168.1.10 to 192.168.1.254 with submask set to 255.255.255.0).

                          So I am guessing that Lan3-8 should be something like this:

                          Lan3 set to (static) 192.168.1.2
                          Lan4 set to (static) 192.168.1.3
                          Lan5 set to (static) 192.168.1.4
                          Lan6 set to (static) 192.168.1.5
                          Lan7 set to (static) 192.168.1.6
                          Lan8 set to (static) 192.168.1.7

                          Would that be correct? I tried a few things last night but once i unhooked LAN2 (but still had LAN3 connected) it didn't seem to have internet nor admin panel connection any longer.

                          1 Reply Last reply Reply Quote 0
                          • DerelictD Offline
                            Derelict LAYER 8 Netgate
                            last edited by

                            So I am guessing that Lan3-8 should be something like this:

                            Lan3 set to (static) 192.168.1.2
                            Lan4 set to (static) 192.168.1.3
                            Lan5 set to (static) 192.168.1.4
                            Lan6 set to (static) 192.168.1.5
                            Lan7 set to (static) 192.168.1.6
                            Lan8 set to (static) 192.168.1.7

                            Why are you guessing anything?  There's no guessing involved in this field.  It's all standards-based with precise rules on how you do things.  You will need to understand IP subnetting to make this work.

                            Lan3 set to (static) 192.168.2.1
                            Lan4 set to (static) 192.168.3.1
                            Lan5 set to (static) 192.168.4.1
                            Lan6 set to (static) 192.168.5.1
                            Lan7 set to (static) 192.168.6.1
                            Lan8 set to (static) 192.168.7.1

                            Chattanooga, Tennessee, USA
                            A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                            DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                            Do Not Chat For Help! NO_WAN_EGRESS(TM)

                            1 Reply Last reply Reply Quote 0
                            • A Offline
                              almabes
                              last edited by

                              Do you even have one LAN port passing traffic to WAN yet?  I haven't seen a posting indicating that is the case yet.

                              Have you read the basics of how to write firewall rules?  Do you have any understanding of IP routing?

                              If not, connecting and trying to bring up all 6 other interfaces is going to do nothing but make your pfSense firewall an over-complicated mess.  You've got to walk before you run.

                              Work on getting the interfaces up one at a time.  No, 7 is not better than 1, it's just more complicated and prone to failure if you don't know what you're doing (and why you're doing it).

                              pfSense is not a switch, its a firewall.

                              1 Reply Last reply Reply Quote 0
                              • johnpozJ Offline
                                johnpoz LAYER 8 Global Moderator
                                last edited by

                                I am with almabes here - why are you trying to bring up all of the interfaces at once??  Get your 1 wan and 1 lan working - then play with the others.  Do you even have a smart/managed switch that will allow you to run all those other segments 192.168.6, 192.168.7 etc..

                                Or you do you plan on running 7 different segments over the same physical wire?

                                An intelligent man is sometimes forced to be drunk to spend time with his fools
                                If you get confused: Listen to the Music Play
                                Please don't Chat/PM me for help, unless mod related
                                SG-4860 25.07.1 | Lab VMs 2.8.1, 25.07.1

                                1 Reply Last reply Reply Quote 0
                                • T Offline
                                  tim.mcmanus
                                  last edited by

                                  Can you draw out what you want your network to look like?  I'm much better with visuals than text descriptions.

                                  If you're going to set up a network that has a WAN, LAN, and WiFi, you only need three ports.  If your switch is a layer 3 switch, you could create VLANs on your LAN, but that's only if the switch will support it.  Otherwise, those additional NICs will sit unused.  There is no technical advantage to having more than one NIC on your switch, and it can actually cause problems if you misconfigure something (like not properly creating VLANs and firing up two DHCP servers).

                                  So if you can help me understand what you want to do, it'll be easier for me to get you there.

                                  1 Reply Last reply Reply Quote 0
                                  • S Offline
                                    stealthrt
                                    last edited by

                                    To all of your questions:

                                    Yes, WAN and my first LAN1 works. I have internet and the PC thats connected to a netgear switch is assigned the correct IP range.

                                    I tried following these sets here:

                                    https://www.all4os.com/router/bridge-multiple-lan-portsnics-to-act-like-a-router-in-pfsense-2-1.html

                                    Step 1: Assign an individual IP for all NICs by going to 'Interfaces → Assign'. Important!
                                    Note: Only set up a IPv4 address for each NIC.

                                    Step 2: Set up DHCP on NIC1 by going 'Services → DHCP server'

                                    Step 3: Bridge other NICs by going to 'Interfaces → Assign → Bridges' and set up an IP for the interface.
                                    Note: Do not include WAN and NIC1.

                                    Step 4: Create a interface groups by going to 'Interfaces → Assign → Interface Groups'.
                                    Note: Include all NICs and Bridge interface in "Member (s)", do not include WAN.

                                    Step 5: Change the default firewall rule under NIC1 to all NICs interfaces to avoid being locked out by going to 'Firewall → Rules'
                                    Note: Change the Interface from NIC1 to the Interface groups which is created in Step 4.

                                    Step 6: Enable DHCP on the bridge interface by going to 'Services → DHCP server'.

                                    Step 7: Disable DHCP on NIC1 by going to 'Services → DHCP server' and include NIC1 into the bridge which is set up in Step 3 by going to 'Interfaces → Assign → Bridges'.

                                    Step 8: reboot and test.

                                    And when i disconnected LAN2 and still have LAN3 connected it went offline and i was unable to log into the PFSence box or browse the internet.

                                    What I am wanting to do is this:

                                    Have all LANs 2-7 as DHCP so that, say, if i disconnect LAN2 from the switch its connected to then the PC(s) that are using that switch still have LANs 3-7 connected to that switch to stay online with (no downtime since it still has those other connections from the PFSense box).

                                    The switch i will be using is the NETGEAR 24 Port Gigabit Business-Class Rackmount Switch - JGS524.

                                    1 Reply Last reply Reply Quote 0
                                    • johnpozJ Offline
                                      johnpoz LAYER 8 Global Moderator
                                      last edited by

                                      You need 6 interfaces in failover – REALLY??  6 of them??

                                      Kind of pointless to have 6 lan failover ports with 1 wan..  What happens when that wan fails, then your 6 failover ports are kind of completely pointless and useless..

                                      Your switch JGS524 is what they call a DUMB switch, not managed no VLAN support switch.. You can not do anything with that piece of junk.  No lagg, no vlans, have to to assume no stp (spanning tree) see see no mention of it in specs - but yeah lets connect 6 interfaces in a bridge to a non spanning tree dumb switch..  Fantastic idea :rolleyes:

                                      An intelligent man is sometimes forced to be drunk to spend time with his fools
                                      If you get confused: Listen to the Music Play
                                      Please don't Chat/PM me for help, unless mod related
                                      SG-4860 25.07.1 | Lab VMs 2.8.1, 25.07.1

                                      1 Reply Last reply Reply Quote 0
                                      • R Offline
                                        robi
                                        last edited by

                                        stealthrt - the truth is that in your case you don't need all those LAN ports in pfSense. Anything you're trying to do with the extra ports, will do more harm than good.

                                        What you could actually do with them, is to create separate networks (using separate switches) with each LAN port to separate traffic of those networks from each other. You could run a network separately for your kids, one for yourself, one for your neighbor, one for wifi, etc.
                                        Do you intend to use it like that? If yes, you may need many ports.

                                        If not, one single WAN and one single LAN are enough. You don't need to use the others.

                                        1 Reply Last reply Reply Quote 0
                                        • stephenw10S Online
                                          stephenw10 Netgate Administrator
                                          last edited by

                                          The only way you can connect more than one of those LAN ports to your switch is as part of a LAGG but it seems like your current switch doesn't support that. Connecting more than one port currently would be a bad idea.
                                          You can configure the ports in a bridge as you described and then connect other clients to that directly if you want. Others here will tell you it's a waste of ports though and not as good as using a real 8 port switch.
                                          Are you able to connect a client to any of those other LAN ports and get internet access?

                                          Steve

                                          1 Reply Last reply Reply Quote 0
                                          • First post
                                            Last post
                                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.