Netgate Discussion Forum

    Understanding differences between em0 and WAN address

      rcmpayne

      Hello All,

      My ISP requires that my WAN be on VLAN 35, which I have all set up correctly. VLAN35 on em0, re0 on LAN. When looking at my firewall logs I see that all TCP traffic is on interface WAN and LAN, but I also see multicast traffic UDP/IGMP on interface em0. Do the logs over interface em0 mean that it's going external? Why do I see em0 and WAN at times?

      IGMP
      allow Mar 27 21:12:48 em0 (1770009770)   192.168.0.126   224.0.0.251 IGMP
      allow Mar 27 21:12:48 LAN (1770009770)   192.168.0.126   224.0.0.251 IGMP
      allow Mar 27 21:12:36 em0 (1770009770)   192.168.0.126   224.0.0.251 IGMP
      allow Mar 27 21:12:36 LAN (1770009770)   192.168.0.126   224.0.0.251 IGMP
      allow Mar 27 21:12:36 LAN (177009770)   192.168.0.126   224.0.0.251 IGMP
      block Mar 27 21:12:36 em0 (1000002620)   192.168.0.126   224.0.0.2 IGMP

      TCP
      block Mar 27 21:16:43 LAN pfB_firehol_level1 auto rule (1770009847)   192.168.0.116:58242   10.2.72.22:8443 TCP:S
      block Mar 27 21:16:42 WAN pfB_firehol_level1 auto rule (1770010967)   196.52.43.64:59315   156.34.23.161:465 TCP:S

        BBcan177 Moderator

        Not related to your question. But as an FYI. The level1 feed also has bogons included. So that feed should only be used for Inbound WAN traffic.

        "Experience is something you don't get until just after you need it."

        Website: http://pfBlockerNG.com
        Twitter: @BBcan177  #pfBlockerNG
        Reddit: https://www.reddit.com/r/pfBlockerNG/new/

          johnpoz LAYER 8 Global Moderator

          Did you set up any IP on em0? Or just on the vlan 35 sitting on em0?

          Untagged traffic would hit em0..

          How do you have this connected? Seems the same L2 traffic is hitting your lan and your wan interface??

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.11 | Lab VMs 2.7.2, 24.11

            rcmpayne

            I don't think I have. Here is a screenshot. If you need anything else please let me know. Is it possible to block all traffic on em0, aka non-VLAN traffic?

            pfSense has 3 NICs:
            1 -  Onboard 1000/100 connected to my ONT (WAN)
            2 -  PCMCIA 1000/100 connected to my switch (LAN traffic)
            3 -  Onboard Wireless - disabled

            Interface.png

              johnpoz LAYER 8 Global Moderator

              That is not showing the interface - that is just showing vlans.  Actually go into interface em0

              What is em0 connected to.. If correctly configured on the switch no untagged traffic should get to it. Seems to me that you're seeing the same traffic on both your lan and em0 at the same time. Like they are in the same untagged vlan.

              An intelligent man is sometimes forced to be drunk to spend time with his fools
              If you get confused: Listen to the Music Play
              Please don't Chat/PM me for help, unless mod related
              SG-4860 24.11 | Lab VMs 2.7.2, 24.11

                rcmpayne

                Here you are. My three switches are not managed, btw. pfSense LAN connects to a switch that also connects to 2 more switches and 2 APs. WAN (em0 vlan35) connects directly to my ONT, which converts LAN to fibre for my ISP.

                WAN_interface_1.png
                WAN_interface_2.png
                WAN_interface_3.png

                  rcmpayne

                  So I just tried something and it seems to work. Not sure if I was supposed to create an em0 interface when I created my pfSense router.

                  1. Go to Interface -> assign
                  2. assign em0 as only one with a vlan exist on WAN
                  3. enable the interface em0
                  4. go to Firewall rules and select the em0 tab
                  5. create a rule to block all traffic.

                  WAN_interface_4.png
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.