FreeNAS jail behind pfSense NAT - do NOT specify a MAC address



  • Hi all:

    I'm just trying to save others the same grief I went through.

    I have had this problem with several versions of Plex Media Server running in a jail on FreeNAS 9.x (again, various versions), all behind a pfSense 2.x firewall.

    When I initially setup the jail, I noted the MAC address it reported to pfSense, added it to the jail config and made a DHCP reservation in pfSense so that the IP address would always be the same.

    Well, it turns out that this makes port forwarding, whether by a NAT entry or UPnP/NAT-PMP, impossible. The ARP entry that pfSense keeps (whether you select static ARP for the DHCP reservation or not) is wrong, I believe.

    Anyway, if you don't specify a MAC address for the jail, UPnP works fine. I didn't test how things work if you specify a static IP for the jail, as that looked like a hassle to specify DNS servers, etc.

    FWIW, YMMV, and all other relevant caveats apply.


  • LAYER 8 Netgate

    Pretty sure you should set your FreeNAS Jail IP address in FreeNAS, not using DHCP.



  • Jails don't have their own network adapters that could be identied in DHCP by MAC addresses, they are just chroot type environments that use the host's network stack for connectivity. To give a jail an IP address you usually set up an IP alias on the host's network adapter and then assign that IP address to the jail in the jail configuration.


Log in to reply