Guest network to Netgate SG-1100 (without modem) installation
-
@KOM Thanks for the reply! This was definitely helpful for me.
-
I'm a little late to this party, but I would also vote "yes" to having a "display hidden rules" option in the GUI. Would be fine to default the option to "off".
I managed Checkpoint firewalls for many years and they also have hidden rules except they call them "implied rules". But there is a mechanism to display them in their firewall management GUI tool if you had a need to examine them.
-
Hey all, so I have a couple questions about manually assigning an address, mask, etc. @KOM might be able to help me the most here. I went to the PFsense user interface, clicked on the System tab and scrolled down to the Setup Wizard secondary tab. Proceeding to step 4, I configured and typed in a static IP. Is this the correct approach? The WAN port is still down as seen in the attached photo. I have also included the error I am getting on Windows 10.
-
Well if your wan is down - not sure how you think some pc on your lan is going to have internet?
-
WAN is 0.0.0.0 which means it's in DHCP mode but did not get an address from your ISP. Maybe there is something going on with your switch port config. I've never used Netgate hardware so I don't really know much about that.
-
@rpwoods13 said in Guest network to Netgate SG-1100 (without modem) installation:
to a guest RJ45 (wall outlet) at work and have yet to connect to the internet.
If this is like any actual work network, any unused ports would be disabled.. And if live they would have some sort of port security on them - only specific mac, or have to auth via 802.1x etc.
But your not going anywhere unless you can get an IP on wan.
-
I assigned a static IP address once again to get an IP for the WAN port. The WAN port is still down, but instead of ‘none’ consistently showing, I have ‘1000baseT<full-duplex>‘ alternating with ‘none’. Thoughts?
-
-
Was that static IP address assigned to you by your ISP? You can't just pick one out of the air and use it and expect it to work.
-
Again, I don't know much about Netgate hardware and the switch port but the fact that your WAN switch port is down is probably not a good sign.
-
-
You can not just assign a random static IP and expect get anywhere..
if your interface keeps going up down, errors, etc. then points to something wrong with that port, or security set on it, etc. Like I mentioned if work network - they should unless some ma and pop shop, have some sort of NAC setup so random people can not just plug shit into any random port and get on the network.
I suggest you get with the IT dept on what your wanting to do.
edit: example even our conference rooms, there are multiple interfaces right in the table.. But they are disabled until specifically requested to be turned on and connected to the guest network. Most guests are expected to just use the wireless guest network. If for some reason they request a wired port, then we would enable that port for guest access. And when the meeting over the port would be disabled.
If that interface is suppose to be active.. Then its should just be dhcp, or the IT dept would tell you what IP/MASK and gateway to setup. But if the interface status is bouncing up/down/duplex changing, etc. Then it points to something wrong with that port or cable your using.. Or something wrong with the port on the sg1100.. If you plug the sg1100 wan into say your soho router at home does it get an IP?
-
Until you see thr WAN switch port show a link you have no upstream connectivity. The wall jack you are testing may just be disconnected from what we are seeing right now.
Steve
