FreeNAS server not showing up on DHCP lease….but I can connect to it.
-
I just set up pfSense and am trying to hook up my pfSense box to it, but the strangest thing is happening.
- The FreeNAS was set up to ask for 192.168.1.99.
- PfSense is set up to hand out 192.168.1.2 - 192.168.1.200
- All my other clients are showing up on pfSense, except this NAS box. Still, I can punch its IP address in and connect to its webGUI.
- I am CERTAIN there is no other device on my little home network handing out IP addresses.
What gives!?
-
I don't think there's a way to tell the FreeNAS (or any device I've ever seen) to ask DHCP for a specific IP address. What I think you've done is set it static, which doesn't use DHCP at all so the DHCP server won't know about it.
If you want to hand a specific address to FreeNAS using DHCP, set FreeNAS to DHCP and put a static assignment in the DHCP server.
Best practice say to put these assignments, along with any static assignments, OUTSIDE your dynamic DHCP pool.
-
Thanks for the explanation. I thought when devices decide on their own IP address, they still have to "check in" with the DHCP server…
Since it assigns its own static IP and doesn't show up on pfSense's DHCP list, is there any way for me to tell me in the WebConfigurator if these types of devices are connected to my network?
That is, in theory, somebody could set their laptop to use a static IP and plug it into my network and I would never notice?
Also, if you couldn't tell already, I am VERY new to pfSense and networking! Thanks for your patience! :P
-
Yeah. DHCP is not a security mechanism. If you want to keep people from plugging into your network you need to implement 802.1x or something. Disable the switch ports, MAC-limit the switch ports (easily-circumventable if you know the MAC address in question), etc.
I think there's something called arpwatch or something that can notify when a new MAC address shows up on the network. I've never investigated it (don't care too much).
-
I was hoping it would be not so much a security system, but an accountability tool. Oh well.
I definitely don't need any security like that. If somebody can get into my apartment and hook up to my LAN, I have MUCH bigger problems than data security!
Thank you again for the explanation. I just set the lease range outside the addresses the NAS uses. Onto to the next problem!