Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    LAN ARP Packets on WAN port

    Scheduled Pinned Locked Moved General pfSense Questions
    7 Posts 3 Posters 719 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      sjbrandon
      last edited by

      When looking at packet captures on the WAN port I am seeing ARP packets from equipment on the LAN network. I am assuming this should not be the case. What might I have set incorrectly?

      1 Reply Last reply Reply Quote 0
      • DerelictD
        Derelict LAYER 8 Netgate
        last edited by

        Cross-connected your LAN and WAN at layer 2?

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 1
        • S
          sjbrandon
          last edited by

          My modem is connected to my pfsense box through a switch on a separate VLAN from the LAN traffic. Apparently that is the issue? Is there any way to completely isolate the bridge connection using the Cisco 3750 switch I am currently using or do I need to physically isolate the connections or is this a serious issue?

          JKnottJ 1 Reply Last reply Reply Quote 0
          • DerelictD
            Derelict LAYER 8 Netgate
            last edited by

            Apparently it's not a separate VLAN.

            I would consider traffic on the WAN side that is supposed to be on the LAN side a serious issue, yes.

            Chattanooga, Tennessee, USA
            A comprehensive network diagram is worth 10,000 words and 15 conference calls.
            DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
            Do Not Chat For Help! NO_WAN_EGRESS(TM)

            1 Reply Last reply Reply Quote 1
            • S
              sjbrandon
              last edited by

              Thank you for the help. Apparently I left the ports set to dynamic VLAN assignments instead of setting them to static. Changed that and all is fixed.

              1 Reply Last reply Reply Quote 2
              • JKnottJ
                JKnott @sjbrandon
                last edited by

                @sjbrandon said in LAN ARP Packets on WAN port:

                My modem is connected to my pfsense box through a switch on a separate VLAN from the LAN traffic

                Any chance you have a cheap TP-Link switch? They're known for this sort of problem.

                PfSense running on Qotom mini PC
                i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
                UniFi AC-Lite access point

                I haven't lost my mind. It's around here...somewhere...

                1 Reply Last reply Reply Quote 0
                • S
                  sjbrandon
                  last edited by

                  Im am using only Cisco 3750 switches in the network. It was 100% opperator error.

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.