Changed to Static IP on LAN [SOLVED]
-
Hello muswell, thank you for helping me! My WAN was somewhere in the 192.168.1.X range and my LAN was also in that same range (192.168.1.1) and that's when it was working (dhcp using out of the box configuration). So I figured that changing my LAN to another internal range would be fine so I changed it to 10.10.10.20…
I have Suricata and pfBlocker packages installed and highly configured (which took like 5 days straight to set up). The pfBlocker uses unbound if I'm not mistaken because of the DNSBL feature that I'd also enabled.
As for DNS, I was using OpenDNS 208.67.222.222 through 127.0.0.1 because of unbound I believe with DNSSEC enabled.
That's all I can remember right now, but if you have more questions after reading this then I'll try to remember more...thank you!
-
It sounds like you are confusing two different things
WAN interfaces have to match up with whatever the ISP provisions. If they say you have to get your IP address with DHCP/PPPoE/Static, you have to set your IP address with DHCP/PPPoE/Static. You can't just change it at will.
LAN interfaces are completely under your control. Those are typically statically set and run a DHCP SERVER so CLIENTS on the LAN segment can be configured using DHCP.
Whoops, already answered
-
If your WAN was on 192.168.1.1 before, you can't just change it to 10.10.10.20. It has to be on the same subnet as your upstream router's LAN.
Lots of ways to use the wifi in that device without keeping that device upstream.
You need to be more clear about what interfaces you are talking about.
-
If your WAN was on 192.168.1.1 before, you can't just change it to 10.10.10.20. It has to be on the same subnet as your upstream router's LAN.
Lots of ways to use the wifi in that device without keeping that device upstream.
You need to be more clear about what interfaces you are talking about.
Hello Derelict, I just realized now that back in my original post I made a big mistake when I'd said that I changed the WAN to 10.10.10.20…I meant to say I changed the LAN to 10.10.10.20...that was really stupid of me and I didn't mean to write that...
To alleviate this problem with not being able to access the pfSense webGUI since changing the LAN from 192.168.1.1, to 10.10.10.20, can I just disconnect the ethernet from the pfSense WAN, unplug the pfSense box, then plug it back in, and then hopefully access it?
-
If you changed LAN to 10.10.10.20 you need to configure your LAN host to be on the 10.10.10.0/24 subnet and connect to 10.10.10.20 to access the GUI again.
DHCP release/renew will also work if you followed the instructions presented when you changed the interface address that tell you to remember to update the DHCP pool addresses to the new scheme.
-
If you changed LAN to 10.10.10.20 you need to configure your LAN host to be on the 10.10.10.0/24 subnet and connect to 10.10.10.20 to access the GUI again.
DHCP release/renew will also work if you followed the instructions presented when you changed the interface address that tell you to remember to update the DHCP pool addresses to the new scheme.
Mistyped this question here, irrelevant
-
You need to connect to the console and use console option 2 to reassign the IP address for LAN but using a 10.10.10.20/24. That /32 is not right and is likely breaking everything.
No, that's not right. You need to google IP subnet to get some good educational results.
-
Absolutely. You need to try to understand the concept of netmasks before you do anything else. Setting a /32 mask on your LAN interface means you've masked off all of your internal hosts from accessing the internal interface. Have a look here for a bit more explanation:
https://www.iplocation.net/subnet-mask
-
Absolutely. You need to try to understand the concept of netmasks before you do anything else. Setting a /32 mask on your LAN interface means you've masked off all of your internal hosts from accessing the internal interface. Have a look here for a bit more explanation:
https://www.iplocation.net/subnet-mask
Hi muswell, thank you for the link! I've avoided subnetting all my life because I always feel like an idiot when trying to understand it…sad yes...that link helps a bit...
-
I accidentally gave bad advice to a possible solution here, apologies
-
I accidentally gave bad advice to a possible solution here, apologies
-
Looks like you're already logged in. Looks like you changed the admin username. type exit and you should get the console menu.
-
Looks like you're already logged in. Looks like you changed the admin username. type exit and you should get the console menu.
I typed "exit" after logging in as "x" and all it did was go back to a prompt asking me to login…what next?
-
The default configuration does not have a console password.
Try logging in and running /etc/rc.initial
You really should be using the default admin / root account for this. You're getting yourself into the weeds stepping outside the default config without understanding what it really does. You will not be able to change the root password using that account without having installed the sudo package and sudoing to root first, for example.
-
I accidentally gave bad advice to a possible solution here, apologies
-
Like I said, you need to use the default admin / root user or use sudo.
Stop logging in as that user you created. Log in as admin or root.
-
Like I said, you need to use the default admin / root user or use sudo.
Stop logging in as that user you created. Log in as admin or root.
I'll try logging in as root and then try different passwords but as I said previously I disabled the default administrative account.
-
Logged in successfully but now the Dashboard keeps saying "Unable to check for updates" and I can't view my installed packages or available packages under the Package Manager due to an error "unable to retrieve package information". This is of course despite having internet access to the pfSense box and having downloaded my AV updates etc on my Windows PC…
Is that indicative of some new significant issue since I had to console and restart so many dozens of times trying to fix my prior issue?
-
JFC dude really?? Seems like you borked the shit out of your install.. As to not finding updates this going going to be dns related.. What is the pfsense using for dns? Are you running the default resolver (unbound) or dnsmasq the forwarder? Where does pfsense point for dns?
Weeks to redo your setup?? Sorry but I just call BS on that to be honest.. Do you have hundreds of vlans all with different rules? Take a backup of your firewall rules, clean install and reload your firewall rules. Should be all of a few minutes.
-
JFC dude really?? Seems like you borked the shit out of your install.. As to not finding updates this going going to be dns related.. What is the pfsense using for dns? Are you running the default resolver (unbound) or dnsmasq the forwarder? Where does pfsense point for dns?
Weeks to redo your setup?? Sorry but I just call BS on that to be honest.. Do you have hundreds of vlans all with different rules? Take a backup of your firewall rules, clean install and reload your firewall rules. Should be all of a few minutes.
I said a week (didn't say weeks) of my free time to set up my box from a default configuration…suffice it to say that I have a complicated setup and quite a few packages...Snort usually eats up the most time to tune properly
I'm using DNS resolver unbound 127.0.0.1 which then points to my default gateway IP address...last night I disabled the resolver and it didn't help...
It does indeed seem that I have borked my install...shame on me...bummer...since other people are having similar problems I suppose I'll try their proposed method of consoling into the device and upgrading via option 13 I believe it was...
