OPT1 getting DHCP but no other connectivity



  • Sorry for all the newb questions today…  Once I get setup I'll be more productive :)

    I've enabled OPT1 to use for my home network (vs LAN to be segregated for work).  So I set the OPT1 interface static IP to 192.168.1.1 (whereas LAN has 192.168.2.1). Both have DHCP and DHCP server successfully assigns addresses on both.  ...but devices on OPT1 don't resolve DNS or are even able to ping direct ip addresses.

    ...the reason I know there's something different about the interface is that if I swap the PC plugged into OPT1 vs LAN, the problem stays on OPT1.  The only difference in the settings is the IPv6 settings (which by default sets LAN to "track interface".  ...but I have a hard time imagining that I need IPv6 enabled to ping something.  Anyway, I disables the DHCPv6 server and I still have the same issue.

    Both interfaces say up with
    LAN    1000baseT <full-duplex>192.168.2.1
    OPT1  100baseTX <full-duplex>192.168.1.1

    I also noticed I can only access the pfsense web-gui from LAN, which is maybe by design?</full-duplex></full-duplex>



  • So I set the OPT1 interface static IP to 192.168.1.1 (whereas LAN has 192.168.1.1).

    I hope you have a cut-paste issue there - you can;t have LAN and OPT1 with the same IP address.

    I expect that you need to add firewall rule(s) on OPT1. Out-of-the-box LAN has a pass-all rule, but other interfaces have no pass rule and so block everything by default.



  • oops, yes. Fixed.

    …and it looks like fw rules was it - thanks for the help!!



  • Just a note about DHCP - when you enable DHCP on an interface, pfSense puts an (unseen) rule on the interface to allow incoming DHCP requests. So that is why DHCP works even when you have no user-added pass rule.