DHCP on LAN



  • I am setting up my new pfsense in test mode and I set up DHCP and the LAN. I new to Freebsd and pfsense although have many years in advanced networking so please forgive my noob questions.

    1. I notice on the console script it does not allow DHCP to be choosen on the LAN but on the web GUI it does. Is they by design or am I missing something
    2. According to a very old post from 2013 the following was posted:

    When set for DHCP, an interface is considered a WAN and thus does NOT get considered as a source for automatic outbound NAT. If you want to >set LAN to use DHCP, you'll need to use Manual Outbound NAT and specify a proper source for the network.

    You will also need to either set the "disable reply-to" option on all LAN-side rules, or disable reply-to globally under System > Advanced on the >Firewall/NAT tab.

    Otherwise it should work OK. Not really a good/standard config, but it should work.

    Is that still true in the latest release of pfsense 2.4.x

    1. There is  book  pfSense: The Definitive Guide. written apparently by the same person who posted the info above. It has very good ratings by is from 2009. Is is still relevant to the current releases

    Thx in advance


  • Netgate

    Yes. a LAN interface that OBTAINS ITS INTERFACE ADDRESS VIA DHCP will be considered a WAN. This has zero to do with running a DHCP SERVER on LAN.

    No, the hard-copy pfSense book was based on pfSense 1.2.3. pfSense 2.4 is currently in Beta and is considerably different. See my sig for a link to the new, living (constantly-updated) version of the book.



  • Thanks for responding

    so when the LAN acts as a WAN (I did know it had nothing to do with being a DHCP server) is that in regards to automatic outbound NAT or are there other areas?

    Steve


  • Netgate

    route-to and reply-to



  • Thanks for your reply.
    I was able to find more inf on route-to and reply-to in openbsd pf doc thena pfsense.
    https://www.openbsd.org/faq/pf/pools.html
    route-to wasn't in the pfsense pdf at all.
    If something isn't in the doc is there a reason and if thee a known place to go.
    Also there is an openbsd pf book. Would it be worth it to buy that for pfsense additional doc