2 wireless ap's, 2 physical interfaces, DHCP assignment conflicts

  • I have one wireless AP on my LAN interface setup and running just fine. I have DHCP mappings and specific rules set for things mapped on my LAN (192.168.1.etc.) I have a spare wireless AP and spare physical interfaces (I have a 4port intel nic, a two port intel nic, and 2 single intel nics) on my pfsense box to use so why not. So, I thought i would setup another guest network on one of the open interfaces and set the interface to Guest (192.168.3.etc.). DHCP server running on both and for the most part working ok. An issue i have noticed is when i connect my laptop on the new guest wifi network that it sometimes assigns my DHCP static mapped LAN address (, and sometimes it assigns it a Guest network address (192.168.3.x). ill attach some screen shots to each interface DHCP page .

    I would like any device that connects to the guest wifi network AP to get a guest ip (192.168.3.x), and if connected to the lan wifi AP to get a lan ip (192.168.1.x). is there something i'm forgetting (besides proper grammer) or are the static mappings throwing things off? again, there doesnt seem to be a rhyme or reason why sometimes on the guest network i still get a lan IP assigned and other times i get a guest ip assigned for the same device even thought the networks are on separate physical interfaces/networks. the devices are working correctly (per my designated interface firewall rules), it's the ip assignment that is unpredictable. Thanks in advance!
    Screenshot_2019-03-24 Services DHCP Server LAN1 - pfSense localdomain.png
    Screenshot_2019-03-24 Services DHCP Server LAN2 - pfSense localdomain.png
    Screenshot_2019-03-24 Services DHCP Server GUEST1 - pfSense localdomain.png
    Screenshot_2019-03-24 Services DHCP Server GUEST2 - pfSense localdomain.png

  • LAYER 8 Netgate

    Sounds like your network is not properly-isolated at Layer 2.

  • @Derelict
    Yes! That was it. Totally overlooked a few connections. Thank you kind sir

  • @Ev4nsp479

    Any reason you're hiding the MAC addresses? They're irrelevant beyond the local LAN.

Log in to reply