Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Requesting help with a laptop build

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    6 Posts 2 Posters 926 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      toseikai
      last edited by

      Hi,
      I'm new to networking in general, and I thought it would be fun to create a pfsense router with an old laptop that I had sitting around.  I watched Mark Furneaux's videos about pfsense on youtube, and thought I had enough knowledge to build my setup, but I'm now stuck.

      My configuration goes like this:

      Verizon GT784WNV (modem/router) -> D-link DGS-1210 managed switch -> laptop with pfsense

      The laptop only has one NIC, so I thought I could use VLANs to set everything up.

      What I've done so far is create 2 VLANs on the switch with the first containing the modem (untagged) and the laptop (tagged) and the second one containing the laptop (tagged) and all the other ports (untagged).

      In pfsense on the laptop, I've assigned vlan1 to WAN and vlan2 to LAN.  I'm able to get an IP on WAN through DHCP (192.168.1.6/24).  I've set the LAN IP to 192.168.10.1/24.

      The problem is that when I connect a computer to this setup, I can't get an IP and I have no internet connectivity.

      Can someone please tell me what I'm doing wrong?  I've been at this for hours, and I can't seem to figure it out!

      1 Reply Last reply Reply Quote 0
      • P
        phil.davis
        last edited by

        What you report you have done is all good.

        1. When changing/setting the LAN IP, did you then go and also change the DHCP Server range to be in the new LAN subnet?

        2. Do Diagnostics->Packet Capture on the pfSense device to see if any DHCP request is received.

        3. Try setting a fixed IP on the client, then you can try ping etc from the client and see if it works, and use Packet Capture on pfSense if it does not work, to see if the echo requests are getting through.

        As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
        If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

        1 Reply Last reply Reply Quote 0
        • T
          toseikai
          last edited by

          Thank you for replying Phil.

          I can't even get into the web configurator at this point.  I've tried the following:

          1. Connecting to the Verizon router and trying to access the web configurator through the laptop's WAN IP and LAN IP
          2. Connecting to the Verizon router, setting a static IP in the laptop's LAN IP subnet, and trying to access the web configurator
          3. Connecting to the laptop's LAN VLAN and trying to access the web configurator through the laptop's WAN and LAN IPs.

          When I connect to the LAN VLAN, I get a 169.xxx.xxx.xxx IP address.  I can't ping the laptop.

          If I try to set a static IP of 192.168.10.100 (within the laptop's DHCP range), I still can't ping the laptop.

          I'm not really understanding why I can't get to the web configurator when I set up VLANs.  When I reset pfsense to only have a WAN IP address, I can access the web configurator just fine.  Could it be a problem with my VLAN setup on my switch?

          1 Reply Last reply Reply Quote 0
          • T
            toseikai
            last edited by

            Actually, I just figured out why web config wasn't working.  I was closing the laptop screen every time I used my other computer thinking that it would just shut off the screen, but I guess it put the whole system on standby?

            Anyways, for your first suggestion, when I try to go to Services -> DHCP Server, it tells me that DHCP relay is on so I can't start the server.  When I go to Services -> DHCP Relay, it tells me DHCP Server is on so I can't start a relay.

            For your third item, I am able to ping the laptop when I set a static IP.

            For your second item, this is what I get from packet capture when I try to connect to pfsense with my phone:

            14:25:41.724683 IP 192.168.10.100.65135 > 81.161.59.90.80: tcp 95
            14:25:41.725193 IP 192.168.10.100.65095 > 52.26.39.129.443: tcp 404
            14:25:41.763546 IP 52.26.39.129.443 > 192.168.10.100.65103: tcp 0
            14:25:41.764657 IP 192.168.10.100.65103 > 52.26.39.129.443: tcp 72
            14:25:41.765945 IP 192.168.10.100.65136 > 192.168.10.1.80: tcp 0
            14:25:41.832023 IP 52.26.39.129.443 > 192.168.10.100.65103: tcp 0
            14:25:41.835482 IP 52.26.39.129.443 > 192.168.10.100.65095: tcp 0
            14:25:41.836031 IP 52.26.39.129.443 > 192.168.10.100.65103: tcp 227
            14:25:41.836459 IP 192.168.10.100.65095 > 52.26.39.129.443: tcp 106
            14:25:41.883450 IP 192.168.10.100.65103 > 52.26.39.129.443: tcp 0
            14:25:41.944775 IP 52.26.39.129.443 > 192.168.10.100.65095: tcp 0
            14:25:41.950814 IP 52.26.39.129.443 > 192.168.10.100.65095: tcp 227
            14:25:41.956673 IP 81.161.59.90.80 > 192.168.10.100.65135: tcp 0
            14:25:41.999268 IP 192.168.10.100.65095 > 52.26.39.129.443: tcp 0
            14:25:44.871232 10:a5:d0:54:cb:13 > ff:ff:ff:ff:ff:ff Null Unnumbered, xid, Flags [Response], length 46: 01 00
            14:25:45.469185 IP 0.0.0.0.68 > 255.255.255.255.67: UDP, length 309
            14:25:46.953726 IP 173.194.202.189.443 > 192.168.10.100.56961: UDP, length 39
            14:25:46.975514 IP 192.168.10.100.56961 > 173.194.202.189.443: UDP, length 41
            14:25:47.098670 IP 173.194.202.189.443 > 192.168.10.100.56961: UDP, length 39
            14:25:47.110168 IP 192.168.10.100.56961 > 173.194.202.189.443: UDP, length 35
            14:25:49.860132 IP 0.0.0.0.68 > 255.255.255.255.67: UDP, length 309
            14:25:57.372983 IP 0.0.0.0.68 > 255.255.255.255.67: UDP, length 309
            14:26:01.963915 IP 192.168.10.100.56961 > 173.194.202.189.443: UDP, length 23
            14:26:02.072381 IP 173.194.202.189.443 > 192.168.10.100.56961: UDP, length 33
            14:26:06.793302 ARP, Request who-has 192.168.10.1 (00:26:2d:fc:5b:26) tell 192.168.10.100, length 46
            14:26:06.793308 ARP, Reply 192.168.10.1 is-at 00:26:2d:fc:5b:26, length 28
            14:26:14.235362 IP 0.0.0.0.68 > 255.255.255.255.67: UDP, length 309
            14:26:14.906966 IP 173.194.202.189.443 > 192.168.10.100.56961: UDP, length 39
            14:26:14.930729 IP 192.168.10.100.56961 > 173.194.202.189.443: UDP, length 38
            14:26:17.277684 10:a5:d0:54:cb:13 > ff:ff:ff:ff:ff:ff Null Unnumbered, xid, Flags [Response], length 46: 01 00
            14:26:18.801628 IP 0.0.0.0.68 > 255.255.255.255.67: UDP, length 309
            14:26:20.903165 IP 81.161.59.90.80 > 192.168.10.100.65135: tcp 279
            14:26:20.917856 IP 192.168.10.100.65103 > 52.26.39.129.443: tcp 404
            14:26:20.918205 IP 192.168.10.100.65135 > 81.161.59.90.80: tcp 95
            14:26:21.089845 IP 52.26.39.129.443 > 192.168.10.100.65103: tcp 0
            14:26:21.091138 IP 192.168.10.100.65103 > 52.26.39.129.443: tcp 106
            14:26:21.169475 IP 81.161.59.90.80 > 192.168.10.100.65135: tcp 0
            14:26:21.204224 IP 52.26.39.129.443 > 192.168.10.100.65103: tcp 0
            14:26:21.216207 IP 52.26.39.129.443 > 192.168.10.100.65103: tcp 227
            14:26:21.275025 IP 192.168.10.100.65103 > 52.26.39.129.443: tcp 0
            14:26:23.088365 IP 0.0.0.0.68 > 255.255.255.255.67: UDP, length 309

            1 Reply Last reply Reply Quote 0
            • T
              toseikai
              last edited by

              So… I got everything to work by just resetting pfsense to the default settings and changing all the settings again.  I feel dumb.  Thanks anyways.

              1 Reply Last reply Reply Quote 0
              • P
                phil.davis
                last edited by

                Yeh, the default settings have DHCP on LAN with a pass all rule for traffic originating from LAN side. I guess you did something odd when creating the VLANs the first time and re-assigning interfaces to the VLANs.

                As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
                If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.