3rd and 4th Lan Ports for internet
-
When you (think you) finished the setup of OPT1 :
Connect the cable of a device - typically, a PC.Use the
ipconfig /allcommand to check if the IP, mask, gateway and DNS are ok.
The gateway and DNS should be the IP of pfSense, the interface you are connected to.
The IP should be in the pool of that interface.Also, check on pfSense, Status > System Logs > DHCP and look for the MAC of your device you connected to the OPT interface. The same IP - the 'lease' is shown there .
The firewall rules you shwoed, one for IPv4 and one for IPv6 are ok.
IPv6 are needed only needed if you actually need and set up IPv6 . -
done everything above, and still no luck !
Any ideas. I copied the firewall profile as shown below.
-
i get nothing on the other connections using IPCONFIG
-
pls show the rules for opt1 and opt2, and the dhcp server for opt1 and opt2. There should be a rule " IP4 * allow any to any" in opt1 and opt2 and a running dhcp server on both interfaces.
-
Well your never going to get anywhere with a 169.254 address. Clearly you device did not get an IP from dhcp server.
-
@jonefc said in 3rd and 4th Lan Ports for internet:
I copied the firewall profile as shown below.
the copy must be apply / validated on OPT1 and OPT2, not under the LAN interface
+++edit:
the firewall sets the "default allow rule" to LAN only by default -
While true he needs firewall rules on optX interfaces to allow internet access from them.
Step 1 in his problem is whatever client that was on whatever optX network is not getting IP from dhcp server.
You need to validate dhcp server is enabled on your optX interface, and the client that is set for dhcp is actually connected to this optX network..
Either directly into the interface on your pfsense box, or a switch that is only connected to this optX network and your clients you want on this optX network.
You can not plug lan and optX networks into some dumb switch and hope to run multiple L2 networks on it and for dhcp to just magically know which client should get what IP from which dhcp server.
-
In principle, the OP configured a DHCP server somewhere for OPT1, but it failed....?!? (shown above)...hmmm
192.168.2.0.....if I see it right
so there are several problems here
+++edit:
I suggested him / her read the handbook first, because these are very basic steps, what will happen later? -
Yeah failed why? He never stated where he has that device plugged in. Maybe it connected it to opt2 and only enabled dhcp on opt1?
But clearly the optput of ipconfig shown did not get an IP from dhcp server. 169.254 isn't going anywhere that is a APIPA address when a dhcp client doesn't get an IP from a dhcp server.
-
@johnpoz said in 3rd and 4th Lan Ports for internet:
169.254 isn't going anywhere
this is true....
he wants both interfaces, (OPT1 / OPT2), but none succeed
-
Did he remove the bridge nonsense he setup?
There is not enough info to try and help him figure out what he is doing wrong.
If interface is configured with an IP, and dhcp is enabled on this interface. Then a dhcp client connected to that interface should and would get an IP from the dhcp server.
If doesn't then no its not going to get internet.
Once it gets an IP and other info from the dhcp server, gateway, dns - then you would need firewall rules on this interface to allow whatever traffic you want.
And you would also need outbound nat, which should be automatic and working as soon as created an IP on the interface and enabled it. But you don't know maybe he set his outbound nat to manual?
First step is to figure out why client that is set for dhcp did not get an IP from the dhcp server.
But also we need to know what he is plugging into this opt interface, is it the same dumb switch he is using for his lan interface, is it a windows device directly? Is it some wifi router? etc..
For all we know he plugged in some wifi router into this opt interface and its wan got an IP, but the lan side of that wifi router where he has his client connected doesn't have dhcp enable?
Info is required to help figure out whatever the problem is - without information, any guessing to what might be the issue is just that, guessing.
-
@jonefc said in 3rd and 4th Lan Ports for internet:
Any ideas.
I think you need to understand first that these are separate interfaces...(OPT1 / OPT2)
they do not depend on the LAN,...... just because it has Internet access by default (the LAN)forget your "bridge" idea - you presented above
set each interface separately and give them a "default allow rule" as shown on the LAN
(copy is good ....because fast)review the DHCP setting and cable connections...
say review the DHCP logs and connect your cable to the ports step by step