Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    2 different IP ranges - how to setup?

    Scheduled Pinned Locked Moved General pfSense Questions
    10 Posts 4 Posters 1.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      alexrci
      last edited by

      Hello,

      until now my colleague had setup and maintained a pfSense 2.1.5-RELEASE (amd64), I am very new to that…
      We have WAN on em0 and LAN on em1
      Until now, everything was fine, we had one range of 5 IP
      We bought a new range of 5 IP but of course they are not following the current range and the GW is different...
      I tried millions of things in VIP, NAT, 1:1 rules, nothing is working
      Anyone could help me on that please?

      Thanks a lot

      Alex

      1 Reply Last reply Reply Quote 0
      • johnpozJ
        johnpoz LAYER 8 Global Moderator
        last edited by

        For starters your on a unsupported version..  Why don't you get current, and then we can figure out your issue.

        2.3.1 is the current version.  2.1.5 is few months shy of 2 years old.

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

        1 Reply Last reply Reply Quote 0
        • M
          muswellhillbilly
          last edited by

          As JP suggests, backup your config, install the latest release and re-import the settings from the backup, or do an in-place upgrade. I'm guessing here, but you may not have flushed the ARP cache on your firewall after amending the IP/routing (assuming you HAVE amended the IP/routing - you don't actually say so explicitly - in which case the issue is more to do with settings).

          1 Reply Last reply Reply Quote 0
          • A
            alexrci
            last edited by

            I prefer not to upgrade now because this firewall is in production and I dont want a system down on the eCommerce website he helps to access.
            Here is what I did

            • added a new gateway on my WAN interface – see screenshot
            • added a NAT to forward one of my new IP xxx.xxx.170.210 to an internal IP (port 3389)

            Is there anything else I should do?

            Where to flush ARP cache on the pfSense?

            thanks a lot

            gateway.png
            gateway.png_thumb

            1 Reply Last reply Reply Quote 0
            • DerelictD
              Derelict LAYER 8 Netgate
              last edited by

              How did they give you the new range? Did they route it to one of the existing IP addresses?

              Chattanooga, Tennessee, USA
              A comprehensive network diagram is worth 10,000 words and 15 conference calls.
              DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
              Do Not Chat For Help! NO_WAN_EGRESS(TM)

              1 Reply Last reply Reply Quote 0
              • A
                alexrci
                last edited by

                They just gave me the IP range like that:

                Gateway: x.x.170.209
                IP Range: x.x.170.210 - x.x.170.214
                Netmask: 255.255.255.248

                They didnt told me anything
                They are the company that is hosting our server in their datacenter.

                thanks

                1 Reply Last reply Reply Quote 0
                • DerelictD
                  Derelict LAYER 8 Netgate
                  last edited by

                  Same ethernet interface? Different ethernet interface?

                  Chattanooga, Tennessee, USA
                  A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                  DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                  Do Not Chat For Help! NO_WAN_EGRESS(TM)

                  1 Reply Last reply Reply Quote 0
                  • A
                    alexrci
                    last edited by

                    SAME

                    1 Reply Last reply Reply Quote 0
                    • DerelictD
                      Derelict LAYER 8 Netgate
                      last edited by

                      They should not be giving you two layer 3 networks on one interface. They should be giving you a second interface or they should be routing the new network to your interface address on the existing interface.

                      Chattanooga, Tennessee, USA
                      A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                      DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                      Do Not Chat For Help! NO_WAN_EGRESS(TM)

                      1 Reply Last reply Reply Quote 0
                      • A
                        alexrci
                        last edited by

                        thanks Derelict
                        actually I was focusing on the wrong spot…
                        I created VIPs and a second gateway and this was correct.
                        But the machine I wanted to reach had its @#$%^ firewall activated...

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.