Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Enable DHCP only on LAN IN

    Scheduled Pinned Locked Moved DHCP and DNS
    15 Posts 2 Posters 1.0k Views 2 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • L Offline
      LohanDett @johnpoz
      last edited by

      @johnpoz What do you mean with different stuff? On Proxmox side or pfSense? Is this an intended behavior of the DHCP Server config?
      I prefer to solve it within the pfSense VM since it's not intented to serve for any services in Proxmox => standalone.

      1 Reply Last reply Reply Quote 0
      • johnpozJ Online
        johnpoz LAYER 8 Global Moderator
        last edited by

        Any device or VM on the same layer 2 as dhcp server can get dhcp from that server.. Isolate your different vms or physical devices on to different layer 2 networks if you don't want them to be served by that dhcp server.

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 25.07.1 | Lab VMs 2.8.1, 25.07.1

        L 1 Reply Last reply Reply Quote 0
        • L Offline
          LohanDett @johnpoz
          last edited by LohanDett

          @johnpoz Can't figure out how.. I created a vlan and assigned it as another interface but couldn't select it in dhcp server config though it has a static local ipv4.

          1 Reply Last reply Reply Quote 0
          • johnpozJ Online
            johnpoz LAYER 8 Global Moderator
            last edited by johnpoz

            did you enable dhcp server on it?

            Any interface is NOT a wan, ie doesn't have a gateway set and has a static IP on it be native or vlan will be listed as being able to have dhcpd enabled or not.

            interfaces.png

            Two of those W_ interfaces are vlans.
            vlans.png

            Did you actually "enable" the interface ;)

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 25.07.1 | Lab VMs 2.8.1, 25.07.1

            L 1 Reply Last reply Reply Quote 0
            • L Offline
              LohanDett @johnpoz
              last edited by LohanDett

              @johnpoz Doesn't work for me:
              vlans.JPG
              --------------------------------------------------------------------------------------------------------------
              dhcp-server.JPG

              Guess I missed a configuration but this is looking pretty similar to yours.
              .
              .
              .

              Well, I guessed I messed up something anyways, can't connect to firewall services through VPN anymore (is dhcp required for this?).

              1 Reply Last reply Reply Quote 0
              • L Offline
                LohanDett
                last edited by

                If I manually type the iface name in the url it's working. Maybe this is just a bug in dev branche version?

                1 Reply Last reply Reply Quote 0
                • johnpozJ Online
                  johnpoz LAYER 8 Global Moderator
                  last edited by johnpoz

                  And your opt1 interface is actually "enabled" you can put an IP on it without actually clicking "enable" show us your opt1 interface.

                  Your running 2.5 ver - then you post should be in that section

                  An intelligent man is sometimes forced to be drunk to spend time with his fools
                  If you get confused: Listen to the Music Play
                  Please don't Chat/PM me for help, unless mod related
                  SG-4860 25.07.1 | Lab VMs 2.8.1, 25.07.1

                  L 1 Reply Last reply Reply Quote 0
                  • L Offline
                    LohanDett @johnpoz
                    last edited by

                    @johnpoz LAN ip is 192.168.1.1 if that's relevant, dunno..

                    opt1-in.JPG

                    Thanks for your help.

                    1 Reply Last reply Reply Quote 0
                    • johnpozJ Online
                      johnpoz LAYER 8 Global Moderator
                      last edited by johnpoz

                      Well I can tell you the mask is wrong.. You can not run dhcpd when the mask is /32 there is no range to use - you prob want that at /24

                      mask.png

                      An intelligent man is sometimes forced to be drunk to spend time with his fools
                      If you get confused: Listen to the Music Play
                      Please don't Chat/PM me for help, unless mod related
                      SG-4860 25.07.1 | Lab VMs 2.8.1, 25.07.1

                      L 1 Reply Last reply Reply Quote 1
                      • L Offline
                        LohanDett @johnpoz
                        last edited by

                        @johnpoz Indeed, that was the trick. Thank you so much, I didn't notice that it was set wrong.

                        Now I can block traffic to WAN and stop it going out of the network.

                        1 Reply Last reply Reply Quote 0
                        • johnpozJ Online
                          johnpoz LAYER 8 Global Moderator
                          last edited by

                          Not really a "trick" but yeah setting /32 for sure not going to allow you to run dhcpd ;)

                          An intelligent man is sometimes forced to be drunk to spend time with his fools
                          If you get confused: Listen to the Music Play
                          Please don't Chat/PM me for help, unless mod related
                          SG-4860 25.07.1 | Lab VMs 2.8.1, 25.07.1

                          L 1 Reply Last reply Reply Quote 1
                          • L Offline
                            LohanDett @johnpoz
                            last edited by LohanDett

                            @johnpoz Yh no magic. 🤣
                            dhcp_inside_lan.JPG
                            This would block dhcp traffic from going out and keep it inside that vlan? Sry for that dumb question, used to have different nic's before for this, haven't really worked with vlans before.

                            1 Reply Last reply Reply Quote 0
                            • First post
                              Last post
                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.