Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Stop DHCP between Interfaces

    Scheduled Pinned Locked Moved DHCP and DNS
    6 Posts 2 Posters 1.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      TomT
      last edited by

      Hi

      I'm currently testing a few setup scenarios

      WAN is currently on my main network 192.168.18.1
      LAN 192.168.1.1
      OPT1 192.168.2.1

      I've set a wifi access point on 192.168.2.254 and connected a client to it.
      The firewall rules allow this client access to OPT1 and WAN, but not LAN.

      My issue is on my main network I have a DHCP server, so the wireless client has got an IP Address from that DHCP server, not the one configured on OPT1.

      Can I stop that  ?  so DHCP requests going across interfaces ?

      Thanks

      1 Reply Last reply Reply Quote 0
      • johnpozJ
        johnpoz LAYER 8 Global Moderator
        last edited by

        It is not possible for that to happen, unless you setup dhcp relay??  Or your networks are connected at layer 2?

        So your connecting both your lan and opt to the same switch, which does not support vlans - and or you have not isolated with vlans?

        Can you draw up your network.  When you say you have a dhcp server on your main lan, you do mean other than pfsense right.  And on your opt1 what is providing dhcp?

        If your lan and opt are connected to the same switch it needs to support vlans and you need to create different vlans for lan and opt.  Or you need to use 2 different dumb switches.  Connecting both your lan and opt to the same dumb switch amounts to running 2 layer 3 networks on the same layer 2.  And yeah that is a borked config.

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

        1 Reply Last reply Reply Quote 0
        • T
          TomT
          last edited by

          How stupid do I feel  :P

          Everything is running in VM on one host all sharing the same LAN and switch port, which is then connected to my LAN.
          So it's all shared with no VLANs or segmentation..

          I should have realised..  :-[

          Moving forward I'm looking at this with 8GB Ram and 64GB SSD
          https://www.amazon.co.uk/gp/product/B01LEU8JO8/ref=pd_sbs_147_1?ie=UTF8&psc=1&refRID=972HZ9G17J3Y73S2J24M

          I'm assuming each Interface will be isolated from the other, unless I add specific rules.

          Thanks

          1 Reply Last reply Reply Quote 0
          • johnpozJ
            johnpoz LAYER 8 Global Moderator
            last edited by

            Unless you plug them into the same dumb switch ;)

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 24.11 | Lab VMs 2.8, 24.11

            1 Reply Last reply Reply Quote 0
            • T
              TomT
              last edited by

              Thanks.
              I'm hoping to setup the ports as

              1 WAN
              2 LAN
              3 WiFi access point

              And then do rules to only allow specific WiFi clients (by IP) to the LAN, but all can have WAN access.

              Happy to accept some advice on this  :D

              1 Reply Last reply Reply Quote 0
              • johnpozJ
                johnpoz LAYER 8 Global Moderator
                last edited by

                sure that is very simple setup.

                An intelligent man is sometimes forced to be drunk to spend time with his fools
                If you get confused: Listen to the Music Play
                Please don't Chat/PM me for help, unless mod related
                SG-4860 24.11 | Lab VMs 2.8, 24.11

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.