OPT1 connect WAP
-
First : there is no such thing as a DHCP server on a WAN interface.
A DHCP client might be attached to WAN, ok, but that's something different.My OPT1 is called "LANNIC".
Here it is :Not really difficult to find, right ^^
-
I have WAN LAN but no OPT1
-
Your WAN has a static setup - in that case "WAN" shows up. But you won't running a DHCP server on that interface.
How did you "Assign" the OPT1 interface ?
Interfaces > Interface Assignments -
@Gertjan
I have 2 network cards and one "built in" the PC.
The built in one is OPT1 I gave 172.16.1.50.
I can ping it when it is pugged in and not when it isn't so it is that one.
I plugin WAP 172.16.1.100 there so phone can access internet.
I give phone 172.16.1.1 but cannot get to internet.
that then is all static but I would like to use DHCP.
what other step should I do ?
-
@zemlik said in OPT1 connect WAP:
172.16.1.50.
Where is the / part ?
Please show the /24 - if it is /32, thus one IP => no need to propose a DHCP server because no more other IP's left => no pool ...
edit : and why x.x.x.50 on a router port ?
x.x.x.11, ok, x.x.x.254, ok but an IP in the middle of the range .... never understood that.edit2 : and your WAP x.x.x.2 etc DHCP server running a pool from x.x.x.3 -> x.x.x.254 and you'll be good for decades. (One, actually, IPv4 will be ancient over 10 years from now).
-
Ah ha there it is.
what should I do then now that is sorted to have 172.16.1.x go through WAN to get to internet ? -
@zemlik said in OPT1 connect WAP:
what should I do then now that is sorted to have 172.16.1.x go through WAN to get to internet ?
As I said in point "edit2" in my post above.
Bring your OPT1 static IP from x.x.x.50 to x.x.x.1
Activate a DHCP server on the OPT1 : pool from (example) x.x.x.5 to x.x.x.254
... and check that a device on port OPT1 realy obtains an IP from that DHCP server instance - see Logs and Lease page.
Put your WAP on x.x.x.2 - gateway x.x.x.1 DNS x.x.x1 - stop its DHCP server and you'll be good. -
@Gertjan
OK the phone gets an Ipaddress from pfsense but isn't getting through to internet.
Does DNS want to be 172.16.1.1 or should it be something else ?
Otherwise is it only the rules that I should change to let OPT1 through WAN but block on LAN ?
and it should work without any other configuration ? -
@zemlik said in OPT1 connect WAP:
Does DNS want to be 172.16.1.1 or should it be something else ?
Dono.
Above, you said :@zemlik said in OPT1 connect WAP:
I give phone 172.16.1.1 but cannot get to internet.
So, what is OPT1 now ?
What IP/DNS/Gateway does your Phone gets ?Can't see from here what you have now.
Blocking LAN from OPT1 is a one ruler - as soon as everything works first.
Like
as one of the first OPT1 firewall rules.
-
@Gertjan
I changed the WAP to 172.16.1.2 and pfsense 172.16.1.1
DHCP on pfsense start at 172.16.1.5 as you say.
Phone gets ipaddress 172.16.1.5 router 172.16.1.1 DNS 172.16.1.1
so that seems to be working but cannot connect internet.
(update) well now it has decided to work.
perhaps it was Snort I just turned off.
The WAP is elderly lynksys WAP200. It thinks it is 2015 which is latest can manually select.
perhaps it was blocked by Snort because the time was mismatch.
It has worked before to get time from ipfire.
I have NTP on pfsense and ask WAP to sinc with it but doesn't seem to be doing it.
thanks for your help tho' as we have success I can fiddle and see what stops it working. -
@Gertjan
OK problem resolved. Seems I didn't have enough protocols allowed on OPT1
working now and also NTP on WAP
thanks ever so much for assist.