Need Help with getting my clients to communicate over LAN (Plex, RDP, etc.)
-
Hey everyone,
I'm having an issue with my LAN setup and not 100% sure if I set everything up correctly. My pfsense router has multiple ethernet ports which can be shown here
The motherboard i purchased for this build is the following…
Now what I did was bridged all 7 ports (except WAN) and called it LAN_Ports, then I created a DHCP server for LAN_Ports (bridged ports). With this, I was able to get internet access across every device that is connected to it but the problem is I can't connect to my Plex server or connect to it via Windows RDP. :(
I want to use my Pfsense router as my main router but I need clients on my LAN to be able to communicate between each other. I am very new to Pfsense and I really love what it is, but there are some things I need to get working to make it perfect. So if anyone can help me get my LAN working like a consumer router, that would be amazing!!!
-
Whelp, I finally know why I couldn't access my devices across my LAN with Pfsense, it was such a stupid mistake of mine that no wonder people didn't respond to this thread because how noobish it was…
But for anyone who buys multiple NIC's or buys a motherboard like mine and your a total noob at networking or just new to Pfsense, here's what you need to do...
Once you have access to your Pfsense GUI, the first thing you need to do is add all the OPT interfaces under "Interface Assignments". After adding them all, next you will need to enable them individually by checking "Enable Interface" for each one, then leave everything by default, and then save and apply (repeat this for all your OPT ports). Once you have enabled all your interfaces, head over to the "Bridges" tab and select add. Now just select WAN, LAN, and all your OPT (e.g. my motherboard has 8 ethernet ports, so I chose WAN, LAN, OPT1, OPT2, OPT3, OPT4, OPT5, and OPT6. You will need to hold down Ctrl to select multiple interfaces) and save.
Congratulations, you now have your router running like any other router would. Hope this helps. :)
Also for anyone that may have keyboard issues with Pfsense and is unable to progress through the installation like I did, you can use "A" on your keyboard as "Enter". When the installer gets to the first prompt, just push "A" and do the same for all of the following ones that come up until it reboots, you'll be able to get it running without an issue. Not sure if this was a widespread issue or not but thought I should post about it here anyway in case someone else experiences the same problem. Anyway cheers! :D
-
Buy a 5 USD switch instead of bridging ports on pfSense.
-
Why do that? Is there something wrong with bridging on PFsense?
-
Why do that? Is there something wrong with bridging on PFsense?
Your using CPU to push traffic around that should be done on a switch by a dedicated switch chip. Cons of doing this is: high CPU usage, increased latency and reduced throughput.
-
I have a i7 6700T in there (I know… complete overkill, but it was collecting dust ever since I upgraded my small form factor gaming rig with a 7700T lol). Even with a CPU like that, is it still bad?
-
Computers used to build pfsense are general purpose devices. For tasks like switching, better to use a switch than a bridge.
I'd get a managed switch with as many ports as you need. You will get better performance I'm sure.
-
alright thanks, also I'm using my router (Asus AC3200) that is in AP mode, should I use the switch on that or do you still recommend using a switch? If you do recommend a switch, can you recommend me one with at least 5-6 ports or will any kind be better then my router?
-
How many items do you have that need to be plugged in to it?
-
How many items do you have that need to be plugged in to it?
Well, I have a Gaming PC, Plex server on a NUC pc, PS4, Nvidia Shield, and my cousin occasionally comes to visit and brings his gaming rig to play (he doesnt have a wireless card), and I want at least 1 or two extra in case I might add more devices later down the road (i.e. new server or gaming device).
-
For your rig, since it has lots of power, I can recommend this switch:
https://www.newegg.com/Product/Product.aspx?Item=9SIA91N4D32331
-
Kidding…
Something like this is probably nice.
If you wanted to get very overkill you could get bigger.
https://www.newegg.com/Product/Product.aspx?Item=N82E16833127450
-
For your rig, since it has lots of power, I can recommend this switch:
https://www.newegg.com/Product/Product.aspx?Item=9SIA91N4D32331
thanks for the help, I really needed to know for sure cause I do want to get the most out of my pfsense router in performance. The only thing that sucks is that i just blew all that money on this mobo for the extra etho ports because I wanted it to be a all-in-one as much as possible.
-
damn i think i locked myself out of my router xC gonna try to RDP my server pc and see if i can connect to the GUI through it.
-
Well - About the ports… Probably just needed 2 if gigabit is fast enough for you. I'd probably stack a couple of 8 port switches for $30 each and be done with it.
However if bridging the ports works for you and you don't see lost bandwidth, go for it. Its nice and neat, thats for sure.
-
If your password doesn't work, I can let you try mine…
-
If your password doesn't work, I can let you try mine…
i mean that I can't access the GUI period but I found out the issue tho. I made a grave mistake…. Im not 100% sure this is the actual cause but evidence points to it. When i was applying firewall rules for all the OPT ports, I forgot to put all the IPv4 rules on top of the IPv6 rules for each OPT. The main reason I believe this to be the culprit is two reasons. One: The firewall reads the rules from first to last and Two: I can only access the IPv6 internet, I did a test and noticed that only IPv6 protocol was only being used and IPv4 isn't working. It just works for the LAN, but access to IPv4 on the internet has been disabled for some reason. :(
-
You do have your default anti-lockout rules in place… Right?
-
You do have your default anti-lockout rules in place… Right?
just for the LAN port, but not the other OPT ports, why? is there a way to get in even though the 192.168.1.1 isn't accessible?
-
Yes - pull up the console
Go to shell
type pfctl - d
Then log in via the web
Fix your rules