Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Does pfSense go first right after my cable modem?

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    4 Posts 3 Posters 1.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G Offline
      glen4cindy
      last edited by

      I'm trying to learn how to setup and configure pfSense.

      I was looking at a particular guide and it referred to setting the WAN IP address as follows:

      192.168.0.14/24 gw 192.168.0.1

      And the LAN IP address as follows:

      192.168.0.15/Default will be 192.168.1.1

      I'm curious because if this is the first device after my cable modem then it will have to receive the DHCP address from the cable modem in the same way my current router does.

      My understanding is that pfSense is to become my router and from there I need to go to a switch.

      Is my thinking wrong?

      Thanks in advance.

      1 Reply Last reply Reply Quote 0
      • DerelictD Offline
        Derelict LAYER 8 Netgate
        last edited by

        Depends.

        Generally you will want to plug cour cable modem into WAN and tell the DHCP client on WAN to never accept a DHCP address from 192.168.100.1. That means you will only ever get a public address on the WAN.

        But all that depends on the ISP. What do they tell you to do to get a public IP address on the WAN port of your router?

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 0
        • G Offline
          glen4cindy
          last edited by

          @Derelict:

          Depends.

          But all that depends on the ISP. What do they tell you to do to get a public IP address on the WAN port of your router?

          Currently, the modem first goes to the WAN port on my router then to my switch.

          The router is giving the following information:

          Internet Connection (IPv4)
          Connection Type: Automatic Configuration - DHCP
          Internet Address: 97.92.2xx.xxx
          Subnet Mask: 255.255.224.0
          Default Gateway: 97.92.1xx.xxx
          DNS1: 71.10.216.1
          DNS2: 71.10.216.2
          DNS3:
          MTU: Auto
          DHCP Lease Time: 480 Minutes

          Since the "routing" functions should be being replaced by pfSense I would think I would need to let it get a DHCP from the cable modem. The 192.168.100.1, as far as I know, is what I browse to when my connection is flaky. It gives me an overview of the modem itself so I can see how well it has been maintaining the signal.

          That DHCP address from the cable provider could change from time to time so I'm not sure how that would affect the configuration.

          1 Reply Last reply Reply Quote 0
          • stephenw10S Offline
            stephenw10 Netgate Administrator
            last edited by

            Seems like you have the right idea. Your 'modem' is already passing the public IP to the current router so it will do the same with pfSense there.

            The idea with blocking 192.168.100.1 as a dhcp source is to prevent the modem giving you a private IP if it looses its cable connection for nay reason. They do that to allow you easy access to it in that situation but it can prevent pfSense receiving a real IP when the connection comes back up.

            You can still access the modem anyway.
            https://doc.pfsense.org/index.php/Accessing_modem_from_inside_firewall

            Steve

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.