Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Stop DHCP between Interfaces

    DHCP and DNS
    2
    6
    867
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      TomT last edited by

      Hi

      I'm currently testing a few setup scenarios

      WAN is currently on my main network 192.168.18.1
      LAN 192.168.1.1
      OPT1 192.168.2.1

      I've set a wifi access point on 192.168.2.254 and connected a client to it.
      The firewall rules allow this client access to OPT1 and WAN, but not LAN.

      My issue is on my main network I have a DHCP server, so the wireless client has got an IP Address from that DHCP server, not the one configured on OPT1.

      Can I stop that  ?  so DHCP requests going across interfaces ?

      Thanks

      1 Reply Last reply Reply Quote 0
      • johnpoz
        johnpoz LAYER 8 Global Moderator last edited by

        It is not possible for that to happen, unless you setup dhcp relay??  Or your networks are connected at layer 2?

        So your connecting both your lan and opt to the same switch, which does not support vlans - and or you have not isolated with vlans?

        Can you draw up your network.  When you say you have a dhcp server on your main lan, you do mean other than pfsense right.  And on your opt1 what is providing dhcp?

        If your lan and opt are connected to the same switch it needs to support vlans and you need to create different vlans for lan and opt.  Or you need to use 2 different dumb switches.  Connecting both your lan and opt to the same dumb switch amounts to running 2 layer 3 networks on the same layer 2.  And yeah that is a borked config.

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        Please don't Chat/PM me for help, unless mod related
        Read https://www.netgate.com/docs/pfsense/book/
        SG-2440 2.4.5p1 | 4x SG-3100 2.4.4p3 | SG-4860 21.05

        1 Reply Last reply Reply Quote 0
        • T
          TomT last edited by

          How stupid do I feel  :P

          Everything is running in VM on one host all sharing the same LAN and switch port, which is then connected to my LAN.
          So it's all shared with no VLANs or segmentation..

          I should have realised..  :-[

          Moving forward I'm looking at this with 8GB Ram and 64GB SSD
          https://www.amazon.co.uk/gp/product/B01LEU8JO8/ref=pd_sbs_147_1?ie=UTF8&psc=1&refRID=972HZ9G17J3Y73S2J24M

          I'm assuming each Interface will be isolated from the other, unless I add specific rules.

          Thanks

          1 Reply Last reply Reply Quote 0
          • johnpoz
            johnpoz LAYER 8 Global Moderator last edited by

            Unless you plug them into the same dumb switch ;)

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            Please don't Chat/PM me for help, unless mod related
            Read https://www.netgate.com/docs/pfsense/book/
            SG-2440 2.4.5p1 | 4x SG-3100 2.4.4p3 | SG-4860 21.05

            1 Reply Last reply Reply Quote 0
            • T
              TomT last edited by

              Thanks.
              I'm hoping to setup the ports as

              1 WAN
              2 LAN
              3 WiFi access point

              And then do rules to only allow specific WiFi clients (by IP) to the LAN, but all can have WAN access.

              Happy to accept some advice on this  :D

              1 Reply Last reply Reply Quote 0
              • johnpoz
                johnpoz LAYER 8 Global Moderator last edited by

                sure that is very simple setup.

                An intelligent man is sometimes forced to be drunk to spend time with his fools
                Please don't Chat/PM me for help, unless mod related
                Read https://www.netgate.com/docs/pfsense/book/
                SG-2440 2.4.5p1 | 4x SG-3100 2.4.4p3 | SG-4860 21.05

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post

                Products

                • Platform Overview
                • TNSR
                • pfSense
                • Appliances

                Services

                • Training
                • Professional Services

                Support

                • Subscription Plans
                • Contact Support
                • Product Lifecycle
                • Documentation

                News

                • Media Coverage
                • Press
                • Events

                Resources

                • Blog
                • FAQ
                • Find a Partner
                • Resource Library
                • Security Information

                Company

                • About Us
                • Careers
                • Partners
                • Contact Us
                • Legal
                Our Mission

                We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

                Subscribe to our Newsletter

                Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

                © 2021 Rubicon Communications, LLC | Privacy Policy