-
A factory reset does not change the Netgate ID. Maybe if it was a VM and they blew away the VM and reinstalled, or moved to a new VM, since that would appear to be different hardware.
The original problem here sounds an awful lot like the symptoms one sees when they try to use the same subnet on WAN and LAN.
-
-
Here I am!
Well, the issue is...The pfsense is a vm in China. We had a ransomware attack so the local IT company would like to try another firewall with DPI solution.
They disconnected the NICs from Vsphere and kept the same LAN and WAN IPs for the new firewall.
Now I would like to restart the pfsense, so I need to change both LAN and WAN IPs. They are in the same subnet.
That's why I need to change the IPs and I cannot make a factory reset.
So, any solution?Thanks
-
Set LAN only to have access ... ?
-
-
Well, I guess you could prepare a script ? config.xml ? that swaps LAN to something else, and puts WAN in the correct network.
The same config.xml should have NAT rule on WAN for incoming GUI and SSH access.But having a pfSense locked in such a place : isn't it useless now ?
Btw : Interesting issue : blaming the firewall when a "user" installed some random ware ...
-
Btw : Interesting issue : blaming the firewall when a "user" installed some random ware ...
I know, that's why I am fighting against the local IT.
Now I have access on a vm natted on the "new chinese firewall" and I can work also from Vsphere console, but I wouldn't like to start from scratch just only I need to change two IPs, it is very disappointing! -
I'm not clear if the WAN and LAN are in the same subnet now, and you're trying to fix that? Because you wouldn't ever change them to the same subnet. If you're trying to swap them, perhaps change one to some other made up subnet temporarily...
WAN A
LAN BWAN C
LAN BWAN B
LAN A -
@teamits
et's take, for example
LAN net is 192.168.6.0/24
WAN net is 20.30.40.0/24 GW 20.30.40.254My old IPs are
LAN 192.168.6.1
WAN 20.30.40.1 GW 20.30.40.254I have changed first LAN address with
192.168.6.10Then WAN address with
20.30.40.10 GW 20.30.40.254The system is stuck. I can connect with a slow refresh to the interface but I cannot browse and/or update the system.
-
OK so the two interfaces are not in the same subnet.
I have no idea why you would have the trouble you describe, by making those changes. Are you sure neither of those IPs are already in use on other devices?
Have you tried changing just the LAN IP, and restarting?
-
@teamits said in Change IP:
Have you tried changing just the LAN IP, and restarting?
The question is that the WAN IP is now used by another device, so I need to change it too -
Get actual console access (not SSH) and use option "2" to change the IPs and then reboot it for good measure.
-
-
the WAN IP is now used by another device
I was just trying to find out at what step you lose access.
You should not be losing access.
If the current WAN IP is in use by another device I would expect both of those to have trouble and would be surprised if you could connect out from the pfSense to the Internet before changing WAN IPs.
I was trying to suggest the new WAN IP is also in use by another device. That would at least be consistent with your symptoms. -
@teamits said in Change IP:
the WAN IP is now used by another device
I was just trying to find out at what step you lose access.
You should not be losing access.
If the current WAN IP is in use by another device I would expect both of those to have trouble and would be surprised if you could connect out from the pfSense to the Internet before changing WAN IPs.
I was trying to suggest the new WAN IP is also in use by another device. That would at least be consistent with your symptoms.Please read from the top...
The local IT has disconnected pfsense nics from vsphere adn used its ips for the new device.
the new device is working without any problem, as pfsense before.
now I want to reconnect pfsense with UNUSED IPS (please, huh? I work in IT from 20 years) -
The local IT has disconnected pfsense nics from vsphere
OK but then the symptom of slow web GUI and inability to access updates is to be expected. The slow GUI happens because DNS isn't working and each try must time out on all DNS servers before the GUI moves on.
I was assuming the NICs were being reconnected after the IP change.
Not sure where to go from here. The only issue I've had with changing IPs is the rebinding check not allowing the new LAN IP but I think that bug was fixed a while ago.
-
Could there be anything in VMWare that is blocking the new IPs? I haven't used VMWare much, but vaguely recall some issues on our Virtuozzo cluster with ARP tables on the physical host.
-
@teamits said in Change IP:
The local IT has disconnected pfsense nics from vsphere
OK but then the symptom of slow web GUI and inability to access updates is to be expected. The slow GUI happens because DNS isn't working and each try must time out on all DNS servers before the GUI moves on.
I was assuming the NICs were being reconnected after the IP change.
Not sure where to go from here. The only issue I've had with changing IPs is the rebinding check not allowing the new LAN IP but I think that bug was fixed a while ago.
pfsense can query the dns without any problem...
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.