Very weird static IP WAN problem



  • Hi all,

    My lab has an old IBM System X3400 with Windows Server 2003 serving as a router. We are getting rid of it and I am trying out a pfSense based solution.

    My university uses a static IP + MAC address based system. So to set up the WAN on my new pfSense box I want to duplicate the old server. I did this by assigning the same WAN IP, Gateway, subnet mask and DNS, and spoofing the MAC address of the old server.

    However, there is no internet connection. Specifically, the WAN cannot connect to the gateway (loses all packets pinging the Gateway IP). I originally thought the university does not allow this kind of "device duplication". But then I tried doing the same thing (same IP, MAC spoofing, etc.) on my laptop directly connected, and I have internet connection fine.

    I wonder what went wrong? Here's what I did:

    I started from a factory-reset pfSense and set up interfaces through the console. Then I logged onto the webConfigurator and started the "wizard". Here I chose static IP, typed in the old server's IP address (202.xxx.xxx.191), Gateway (202.xxx.xxx.254), subnet mask (255.255.255.0, so I guess /24) and DNS, and typed in the old server's MAC address. There is no internet and the gateway appears offline. I tried both checking and unchecking the bogon/internal IP address rules, but they made no difference.

    I would appreciate your help!



  • FYI, I previously used the same pfSense box in another network with DHCP 192.168.xxx.xxx WAN setup, and everything works fine.


  • LAYER 8 Netgate

    @allinwonder:

    Hi all,

    My lab has an old IBM System X3400 with Windows Server 2003 serving as a router. We are getting rid of it and I am trying out a pfSense based solution.

    Sounds like an excellent plan

    My university uses a static IP + MAC address based system. So to set up the WAN on my new pfSense box I want to duplicate the old server. I did this by assigning the same WAN IP, Gateway, subnet mask and DNS, and spoofing the MAC address of the old server.

    However, there is no internet connection. Specifically, the WAN cannot connect to the gateway (loses all packets pinging the Gateway IP). I originally thought the university does not allow this kind of "device duplication". But then I tried doing the same thing (same IP, MAC spoofing, etc.) on my laptop directly connected, and I have internet connection fine.

    I wonder what went wrong? Here's what I did:

    I started from a factory-reset pfSense and set up interfaces through the console. Then I logged onto the webConfigurator and started the "wizard". Here I chose static IP, typed in the old server's IP address (202.xxx.xxx.191), Gateway (202.xxx.xxx.254), subnet mask (255.255.255.0, so I guess /24) and DNS, and typed in the old server's MAC address. There is no internet and the gateway appears offline. I tried both checking and unchecking the bogon/internal IP address rules, but they made no difference.

    I would appreciate your help!

    Really hard to tell from that information. Double check everything you did. Check Interfaces > WAN and be sure you have what you want there.

    Yes, 255.255.255.0 == /24 - No guessing necessary.

    You might need to involve the University's network guys if you can't get it working. They ought to bend over backwards if it means getting another Windows 2003 server off their network.



  • @Derelict:

    Really hard to tell from that information. Double check everything you did. Check Interfaces > WAN and be sure you have what you want there.

    Yes, 255.255.255.0 == /24 - No guessing necessary.

    You might need to involve the University's network guys if you can't get it working. They ought to bend over backwards if it means getting another Windows 2003 server off their network.

    Thanks.

    I guess there really isn't much to do in terms of static IP setup, other than what I mentioned. I'll have to ask the IT guys to create a new IP-MAC binding so I don't have to do MAC spoofing.


  • LAYER 8 Netgate

    MAC spoofing should work fine. Their switch can't tell the difference. Diagnostics > Packet Capture on WAN and set the level of detail to full and check the MAC and IP addresses being sent.
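
The check suggested in the last reply, as an added example that is not part of the original thread: a Python script that reads a WAN capture and lists every ARP or IPv4 frame that claims the WAN IP without carrying the expected MAC. It assumes the capture was saved as a classic pcap file with untagged Ethernet frames; `EXPECTED_MAC`, `EXPECTED_IP` and the sample capture are constructed values, not the poster's.

```python
import struct

# Constructed values (not from the thread): the MAC/IP pair the upstream
# binding is assumed to expect. 192.0.2.0/24 is a documentation range.
EXPECTED_MAC = "00:11:22:33:44:55"
EXPECTED_IP = "192.0.2.191"

def mac(b):
    return ":".join(f"{x:02x}" for x in b)
def ip(b):
    return ".".join(str(x) for x in b)

def frames(pcap):
    """Yield raw Ethernet frames from a classic (non-pcapng) capture."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if endian is None:
        raise ValueError("not a classic pcap file")
    pos = 24  # skip the 24-byte global header
    while pos + 16 <= len(pcap):
        incl_len = struct.unpack(endian + "I", pcap[pos + 8:pos + 12])[0]
        yield pcap[pos + 16:pos + 16 + incl_len]
        pos += 16 + incl_len

def audit(pcap, expected_mac, expected_ip):
    """List frames that claim the WAN IP but do not carry the expected MAC."""
    findings = []
    for n, f in enumerate(frames(pcap), 1):
        if len(f) < 34:
            continue
        eth_src, etype = mac(f[6:12]), struct.unpack("!H", f[12:14])[0]
        if etype == 0x0806 and len(f) >= 42:   # ARP: sender MAC and sender IP
            kind, sender_mac, sender_ip = "ARP", mac(f[22:28]), ip(f[28:32])
        elif etype == 0x0800:                  # IPv4: source IP in the header
            kind, sender_mac, sender_ip = "IPv4", eth_src, ip(f[26:30])
        else:
            continue
        if sender_ip == expected_ip and {eth_src, sender_mac} != {expected_mac}:
            findings.append((n, kind, eth_src, sender_ip))
    return findings

def sample_capture():
    """Constructed capture: two ARP requests, the second from the wrong MAC."""
    def arp(src):
        m = bytes.fromhex(src.replace(":", ""))
        hdr = struct.pack("!HHBBH", 1, 0x0800, 6, 4, 1)
        return (b"\xff" * 6 + m + b"\x08\x06" + hdr + m
                + bytes([192, 0, 2, 191]) + bytes(6) + bytes([192, 0, 2, 254]))
    out = struct.pack("<IHHiIII", 0xa1b2c3d4, 2, 4, 0, 0, 65535, 1)
    for frame in (arp(EXPECTED_MAC), arp("02:00:00:aa:bb:cc")):
        out += struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame
    return out
```

An empty result from `audit()` on a real capture means every frame sent with the WAN IP used the expected MAC, so the fault lies elsewhere; any entry shows the frame number and the MAC that actually went on the wire.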

