PFsense & DDwrt hate each other, at least they hate me, this and arp problems



  • This problem is literally driving me crazy!  Here is my set up: I have Time Warner; it comes in through a SB6141 modem, then it hits my pfSense machine (2.2 GHz CPU, 4G RAM, installed on SSD, run through an Intel dual NIC; em0 is WAN and em1 is LAN). WAN is set to DHCP and LAN is set to 192.168.1.0 (I have tried 1 too but problem on both, so it doesn't matter) with DHCP enabled on LAN. It then runs to my DD-WRT Linksys wrt1200ac set up (hopefully) as an AP with WAN as a LAN port, all DHCP turned off, barely any settings on, just wifi set with basic bridge of br0 > ath0/1. I also have "routing" on the admin page turned off (tried both on and off). From there it hits a managed 8 port switch to cameras and other APs set in a daisy chain. I also have my main media/server plugged right into the wrt1200 along with that aforementioned switch and another machine, my gaming PC. So that is my set up. What is happening is pfSense and devices connected to the wrt1200 are swapping MACs like std's! I get an error like this in pfSense: arp: <some ether addr> is using my IP address <some ip addr> again. I noticed my ddwrt and pfsense machine swapping macs; 192.168.1.1 changes from the pf to dd and back again, which drops connectivity so intermittently that I cannot use my internet. What am I doing wrong? I know it's me.. LOL. Oh, I forgot to mention I have PIA set up as my VPN on my pfSense box but it does not seem to interfere with anything.


  • LAYER 8 Global Moderator

    "LAN is set to 192.168.1.0 "

    That is not a valid host address if using /24 mask.  That is a network address.

    Things do not swap macs - if you are seeing the same IP with different macs, that means you have duplicate IP..  2 devices with the same IP, and yes as a different device arp for said address sometimes he will get device 1, sometimes he will get device 2.

    Why are you using your wan port if you want your wifi router to be a AP?  While sure you can sometimes bridge the wan to the lan/wifi setup - what I would suggest is you use one of the lan ports on this AP, turn off its dhcp server and there you go its a AP.

    You need to give the wifi router now AP an IP address on your network that does not conflict with anything.  If pfsense is 192.168.1.1/24 then say make your wifi AP 192.168.1.2/24



  • Right, I did that: the pf is 192.168.1.1 (I just tried changing it to .0 to see if changes would help this) and the ddwrt AP is 192.168.1.2. In DD-WRT you can make a WAN port a LAN port, and I have moved the LAN side of the pfsense to a LAN port on the ddwrt AP but no change, still kept getting this odd issue. I originally had the pf box 192.168.1.1/16 and so on into my LAN, so I changed it back to 24 and now my main machine connecting to the ddwrt (which I do all my accessing of both pf and dd) cannot see the PF box even when I set a static IP to it.



  • I have a similar setup, Motorola modem->pf->Buffalo (DD-WRT) router as AP (WAN as an extra LAN port).
    By chance do you have a device with a fixed IP that is in the DHCP range allocated to LAN net? If so, set it to an address on the LAN subnet, but outside of the DHCP range.


  • LAYER 8 Global Moderator

    You say you see the mac swapping.  So track down the 2 macs you see to what devices are conflicting with IP.

    You can look up a mac to see who the maker of the device is, for a hint as to what it might be.  If you do not have a smart switch that allows you to find what port something is plugged into.

    Using /16 as your mask is a really bad idea..  why not just change your network to 192.16.2.0/24 until such time you can find what is conflicting with 192.168.1.1, or why not just change pfsense to 192.168.1.3?  Does not matter what pfsense IP is, can be anything in your network that you want to use.  For example mine is .253

    You need to track down what 2 devices are duplicated, or since you believe it's the 192.168.1.1 address, then just change pfsense to something else.  Then find that 192.168.1.1 device.
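
Tracking down the two MACs behind one IP, as suggested above, can start from the firewall's system log. This is an added example, not posted by anyone in the thread: it groups ARP messages by IP, with constructed log lines and MAC addresses, and assumes the two message shapes match the FreeBSD kernel ARP messages that pfSense logs.

```python
import re
from collections import defaultdict

MAC = r"(?:[0-9a-f]{2}:){5}[0-9a-f]{2}"
IP = r"\d{1,3}(?:\.\d{1,3}){3}"
# Assumed message shapes (FreeBSD kernel ARP warnings).
USING = re.compile(rf"arp: (?P<mac>{MAC}) is using my IP address (?P<ip>{IP})", re.I)
MOVED = re.compile(rf"arp: (?P<ip>{IP}) moved from (?P<old>{MAC}) to (?P<new>{MAC})", re.I)

# Constructed sample log; MACs are locally administered placeholders.
SAMPLE_LOG = """\
Mar  3 18:02:11 pfsense kernel: arp: 02:00:00:00:12:00 is using my IP address 192.168.1.1 on em1!
Mar  3 18:02:40 pfsense kernel: arp: 192.168.1.5 moved from 02:00:00:00:00:a4 to 02:00:00:00:00:c1 on em1
Mar  3 18:03:02 pfsense kernel: arp: 02:00:00:00:12:00 is using my IP address 192.168.1.1 on em1!
Mar  3 18:03:19 pfsense kernel: arp: 192.168.1.5 moved from 02:00:00:00:00:c1 to 02:00:00:00:00:a4 on em1
Mar  3 18:04:55 pfsense kernel: arp: 192.168.1.30 moved from 02:00:00:00:00:30 to 02:00:00:00:00:31 on em1
Mar  3 18:05:00 pfsense dhcpd: DHCPACK on 192.168.1.21 to 02:00:00:00:00:21 via em1
"""

def find_conflicts(log_text):
    """Return {ip: {"macs": [...], "events": n, "firewall_ip": bool}} for suspect IPs."""
    seen = defaultdict(lambda: {"macs": set(), "events": 0, "firewall_ip": False})
    for line in log_text.splitlines():
        m = USING.search(line)
        if m:
            rec = seen[m["ip"]]
            rec["macs"].add(m["mac"].lower())
            rec["firewall_ip"] = True      # another device claims the firewall's own IP
        else:
            m = MOVED.search(line)
            if not m:
                continue
            rec = seen[m["ip"]]
            rec["macs"].update((m["old"].lower(), m["new"].lower()))
        rec["events"] += 1
    # One "moved" event can be a replaced NIC; report repeated flapping
    # or any claim on the firewall's own address.
    return {ip: {"macs": sorted(r["macs"]), "events": r["events"],
                 "firewall_ip": r["firewall_ip"]}
            for ip, r in seen.items() if r["firewall_ip"] or r["events"] >= 2}

if __name__ == "__main__":
    for ip, info in find_conflicts(SAMPLE_LOG).items():
        kind = "claims firewall IP" if info["firewall_ip"] else "flapping"
        print(f"{ip}: {kind}, {info['events']} events, MACs: {', '.join(info['macs'])}")
```

Each reported MAC can then be matched to a device by its vendor prefix or by the switch port it appears on.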



  • If you say that pfSense can be whatever, what about DHCP? I know I saw in the settings that I can assign the gateway ie 192.168.1.1 in dhcp, so do that? And it will not conflict with pfsense being a different IP? So say I log into web gui at the IP you say, 253 I think, and you have your dhcp 192.168.1.1?

    Ya I thought the 16 was an issue, just trying something different, but I got same issue with 24 because I did change it back, 192.168.1.1/24, and still issue. The only static I have is the networking hardware ie wrt1200 192.168.1.2, my managed switch 192.168.1.3 and my AP's 192.168.1.4, 5. I was then, after this issue was resolved, going to set my 3 ip cameras to 192.168.1.5, 6, 7 and finally my media center, server 192.168.1.9 or 10, then have dhcp set from 192.168.1.20-200.

    The macs that are "swapping" are the wrt1200, and my main machine that i am doing gui pfsense ddwrt stuff on which has been dhcp unless I directly need  to access hardware for instance if I need to access the switch  or ddwrt during this problem and set up on network.

    Hey, thank you guys, you are helping, just new to pfsense. It took me a long time to work up the gumption to do it and I can already, even with this crazy issue, see a betterment over my ddwrt router. But with all this newness I thought I had it all good until I started to set up my wifi on the wrt1200. I bridged the network in ddwrt because that is how it wants it for wifi unless there is something different I overlooked.
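
The addressing rules raised so far in the thread (a host cannot sit on the network address, static addresses must be unique and must lie outside the DHCP pool) can be checked mechanically before devices are configured. This is an added example, not code from any poster; the device names are labels chosen here, and the addresses are the plan from the post above with the media server taken as .9.

```python
import ipaddress
from collections import defaultdict

# Static plan as described in the post above; names are illustrative labels.
PLAN = [
    ("pfsense-lan", "192.168.1.1"), ("wrt1200", "192.168.1.2"),
    ("switch", "192.168.1.3"), ("ap-1", "192.168.1.4"), ("ap-2", "192.168.1.5"),
    ("camera-1", "192.168.1.5"), ("camera-2", "192.168.1.6"),
    ("camera-3", "192.168.1.7"), ("media-server", "192.168.1.9"),
]

def check_plan(network, statics, dhcp_start, dhcp_end):
    """Return a list of human-readable problems found in a static address plan."""
    net = ipaddress.ip_network(network)
    lo, hi = ipaddress.ip_address(dhcp_start), ipaddress.ip_address(dhcp_end)
    problems, owners = [], defaultdict(list)
    for name, addr in statics:
        ip = ipaddress.ip_address(addr)
        owners[ip].append(name)
        if ip not in net:
            problems.append(f"{name}: {ip} is outside {net}")
        elif ip == net.network_address:
            problems.append(f"{name}: {ip} is the network address of {net}, not a host address")
        elif ip == net.broadcast_address:
            problems.append(f"{name}: {ip} is the broadcast address of {net}")
        if lo <= ip <= hi:
            problems.append(f"{name}: {ip} is inside the DHCP pool {lo}-{hi}")
    # Two names on one address is the duplicate-IP condition behind the ARP warnings.
    for ip, names in owners.items():
        if len(names) > 1:
            problems.append(f"{ip} is assigned to {', '.join(names)}")
    return problems

if __name__ == "__main__":
    for problem in check_plan("192.168.1.0/24", PLAN, "192.168.1.20", "192.168.1.200"):
        print(problem)
```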



  • @Apexbiped:

    …. I know I saw in the settings that I can assign the gateway ie 192.168.1.1 in dhcp, so do that?

    Don't.
    (because "The default is to use the IP on this interface of the firewall as the gateway. Specify an alternate gateway here if this is not the correct gateway for the network. Type "none" for no gateway assignment.")

    @Apexbiped:

    Ya I thought the 16 was an issue, just trying something different, but I got same issue with 24 because I did change it back, 192.168.1.1/24, and still issue. The only static….

    192.168.1.0/24 and setting a /16 => please don't. You're breaking things.

    @Apexbiped:

    The macs that are "swapping" are the wrt1200, ….

    I'm using myself 5 AP's with DD-WRT for years now.
    My Captive portal is on OPT1 (where it belongs) - IP 192.168.2.1 (192.168.1.1/24 is my LAN segment).
    AP1 = 192.168.2.2
    AP2 = 192.168.2.3
    etc

    The DHCP server on OPT1 (Captive Portal) hands over IPs for my visitors from 192.168.2.7 to 192.168.2.254.

    What are your main DD-WRT AP settings ?
    Did you switch off the internal DHCP server on the AP ?
    (better be safe : never ever use the 'WAN' port on the AP)

