2 different IP ranges - how to setup?
until now my colleague had setup and maintained a pfSense 2.1.5-RELEASE (amd64), I am very new to that…
We have WAN on em0 and LAN on em1
Until now, everything was fine, we had one range of 5 IP
We bought a new range of 5 IP but of course they are not following the current range and the GW is different...
I tried millions of things in VIP, NAT, 1:1 rules, nothing is working
Anyone could help me on that please?
Thanks a lot
For starters your on a unsupported version.. Why don't you get current, and then we can figure out your issue.
2.3.1 is the current version. 2.1.5 is few months shy of 2 years old.
muswellhillbilly last edited by
As JP suggests, backup your config, install the latest release and re-import the settings from the backup, or do an in-place upgrade. I'm guessing here, but you may not have flushed the ARP cache on your firewall after amending the IP/routing (assuming you HAVE amended the IP/routing - you don't actually say so explicitly - in which case the issue is more to do with settings).
I prefer not to upgrade now because this firewall is in production and I dont want a system down on the eCommerce website he helps to access.
Here is what I did
- added a new gateway on my WAN interface – see screenshot
- added a NAT to forward one of my new IP xxx.xxx.170.210 to an internal IP (port 3389)
Is there anything else I should do?
Where to flush ARP cache on the pfSense?
thanks a lot
How did they give you the new range? Did they route it to one of the existing IP addresses?
They just gave me the IP range like that:
IP Range: x.x.170.210 - x.x.170.214
They didnt told me anything
They are the company that is hosting our server in their datacenter.
Same ethernet interface? Different ethernet interface?
They should not be giving you two layer 3 networks on one interface. They should be giving you a second interface or they should be routing the new network to your interface address on the existing interface.
actually I was focusing on the wrong spot…
I created VIPs and a second gateway and this was correct.
But the machine I wanted to reach had its @#$%^ firewall activated...