IP Alias on DHCP'd interface

General pfSense Questions
Log in to reply
  • I

    Hi,

    I have a WAN interface connected to a cable modem, which uses DHCP.

    I wanted to add an ip alias to that interface - 192.168.100.x - to be able to access the admin interface of the modem.

    This worked fine under normal circumstances, but I found if the connection went down and the interface lost the WAN IP via DHCP, it seemed as if it added the ip alias first and that became the primary ip - so when the WAN IP came back via DHCP, they were the wrong way round.

    Is there any way round this?

    Currently i've had to resort to only adding the alias when I actually want to access the modem interface, and removing it again afterwards.

    Thanks,

    Ian

    0
  • KOM

    I'm a bit confused here.  Why exactly do you need to define an IP alias just to access the modem's admin page?

    0
  • I

    because it's on 192.168.100.1 - but my WAN2 interface, when the connection is up and it's done DHCP, has my internet-routable IP, eg: 81.xxx.xxx.xxx.

    So I defined an IP Alias of 192.168.100.10, which worked nicely, other than it betting made the primary ip and breaking things when the connection went down and came back again.

    0
  • KOM

    because it's on 192.168.100.1

    Why can't you reach it by using its IP address?  Maybe a quick & dirty network diagram would help.

    IP aliases allow one of your pfSense NICs to assume another IP address.  This is typically used in conjunction with NAT port forwards.  You do not use them to assign an IP address that's already in use by another device on the network.

    0
  • I

    The modem's IP is 192.168.100.1.

    But on pfsense that interface has the internet-routable IP.

    In normal operation, the modem is invisible. But sometimes it's useful to see it's admin interface.

    Assigning an ip alias of 192.168.100.10 (which is different to .1 so not in use?!) works fine - other than the ordering bug I described.

    Diagram:

    Virgin Media <–coax--> Cable Modem (192.168.10.1) <--ethernet--> pfsense: igb2 - (81.123.123.20 via DHCP / 192.168.100.10)

    0
  • KOM

    Where's WAN2 in this mix?

    0
  • I

    igb2 is WAN2

    0
  • KOM

    Could you fill in the blanks or correct me if I have this wrong?


    0
  • I

    No, sorry! - it looks like this!

    There is of course a WAN1, and lots of LAN VLAN interfaces, but that's not relevant here.

    ![Screen Shot 2017-01-26 at 19.08.16.png](/public/imported_attachments/1/Screen Shot 2017-01-26 at 19.08.16.png)
    ![Screen Shot 2017-01-26 at 19.08.16.png_thumb](/public/imported_attachments/1/Screen Shot 2017-01-26 at 19.08.16.png_thumb)

    0
  • KOM

    OK now I understand but unfortunately I don't have a solution for you other than to manually assign a VIP when you need to access the modem admin page, which have already thought of.

    0

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2021 Rubicon Communications, LLC | Privacy Policy