Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Very weird static IP WAN problem

    General pfSense Questions
    2
    5
    962
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      allinwonder
      last edited by

      Hi all,

      My lab has an old IBM System X3400 with Windows Server 2003 serving as a router. We are getting rid of it and I am trying out a pfSense based solution.

      My university uses an static IP + MAC address based system. So to set up the WAN on my new pfSense box I want to duplicate the old server. I did this by assigning the same WAN IP, Gateway, subnet mask and DNS, and spoof the MAC address of the old server.

      However, there is no internet connection. Specifically, the WAN cannot connect to the gateway (loses all packet pinging the Gateway IP). I originally thought the university does not allow this kind of "device duplication". But then I tried doing the same thing (same IP, MAC spoofing, etc) on my laptop directly connected, I have internet connection fine.

      I wonder what went wrong? Here's what I did:

      I started from a factory-reset pfSense and set up interfaces through the console. Then I logged onto the webconfigurator and started the "wizard". Here I chose static IP, typed into the old server's IP address (202.xxx.xxx.191), Gateway(202.xxx.xxx.254), subnet mask (255.255.255.0, so I guess /24) and DNS, and typed in the old server's MAC address. There is no internet and gateway appears offline. I tried both checking and unchecking bogon/internal ip address rules, but they made no difference.

      I would appreciate your help!

      1 Reply Last reply Reply Quote 0
      • A
        allinwonder
        last edited by

        FYI, I previously used the same pfsense box in another network with DHCP 192.168.xxx.xxx WAN setup, and everything works fine.

        1 Reply Last reply Reply Quote 0
        • DerelictD
          Derelict LAYER 8 Netgate
          last edited by

          @allinwonder:

          Hi all,

          My lab has an old IBM System X3400 with Windows Server 2003 serving as a router. We are getting rid of it and I am trying out a pfSense based solution.

          Sounds like an excellent plan

          My university uses an static IP + MAC address based system. So to set up the WAN on my new pfSense box I want to duplicate the old server. I did this by assigning the same WAN IP, Gateway, subnet mask and DNS, and spoof the MAC address of the old server.

          However, there is no internet connection. Specifically, the WAN cannot connect to the gateway (loses all packet pinging the Gateway IP). I originally thought the university does not allow this kind of "device duplication". But then I tried doing the same thing (same IP, MAC spoofing, etc) on my laptop directly connected, I have internet connection fine.

          I wonder what went wrong? Here's what I did:

          I started from a factory-reset pfSense and set up interfaces through the console. Then I logged onto the webconfigurator and started the "wizard". Here I chose static IP, typed into the old server's IP address (202.xxx.xxx.191), Gateway(202.xxx.xxx.254), subnet mask (255.255.255.0, so I guess /24) and DNS, and typed in the old server's MAC address. There is no internet and gateway appears offline. I tried both checking and unchecking bogon/internal ip address rules, but they made no difference.

          I would appreciate your help!

          Really hard to tell from that information. Double check everything you did. Check Interfaces > WAN and be sure you have what you want there.

          Yes, 255.255.255.0 == /24 - No guessing necessary.

          You might need to involve the University's network guys if you can't get it working. They ought to bend over backwards if it means getting another windows 2003 server off their network.

          Chattanooga, Tennessee, USA
          A comprehensive network diagram is worth 10,000 words and 15 conference calls.
          DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
          Do Not Chat For Help! NO_WAN_EGRESS(TM)

          1 Reply Last reply Reply Quote 0
          • A
            allinwonder
            last edited by

            @Derelict:

            Really hard to tell from that information. Double check everything you did. Check Interfaces > WAN and be sure you have what you want there.

            Yes, 255.255.255.0 == /24 - No guessing necessary.

            You might need to involve the University's network guys if you can't get it working. They ought to bend over backwards if it means getting another windows 2003 server off their network.

            Thanks.

            I guess there really isn't much to do in terms of static IP setup, other than what I mentioned. I'll have to ask the IT guys to create a new IP-MAC binding so I don't have to do MAC spoofing.

            1 Reply Last reply Reply Quote 0
            • DerelictD
              Derelict LAYER 8 Netgate
              last edited by

              MAC spoofing should work fine. Their switch can't tell the difference. Diagnostics > Packet Capture on WAN and set the level of detail to full and check the MAC and IP addresses being sent.

              Chattanooga, Tennessee, USA
              A comprehensive network diagram is worth 10,000 words and 15 conference calls.
              DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
              Do Not Chat For Help! NO_WAN_EGRESS(TM)

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.