Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    pfSense Spectrum

    General pfSense Questions
    5
    23
    619
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      StacyAnn33 last edited by

      Re: pfsense with Spectrum Internet
      After reading the above topic several times over and over again, it seems as tho you can not set up a private IP Address on the WAN interface if you are connecting the modem directly to the pfSense box. If this is true, then can you set a private IP Address for the LAN interface and have the two talk back and forth to each other? I've been trying to get my network set up with my Spectrum modem connected directly to my pfSense device which is an older watchguard firebox.

      Is there any way to set up a private IP Address for the WAN interface and be able to get out into the internet from a LAN computer?

      provels 1 Reply Last reply Reply Quote 0
      • provels
        provels @StacyAnn33 last edited by provels

        @StacyAnn33 Sounds like you are behind a modem/gateway that is assigning a private IP on it's LAN side via its own DHCP? If so, you need to turn off the checkbox at "Interfaces/WAN/Reserved Networks/Block private networks and loopback addresses" so it won't ignore a private address. But if you could set your gateway to bridge mode you would be better off, avoiding the double NAT.

        1 Reply Last reply Reply Quote 0
        • S
          StacyAnn33 last edited by

          Ok, I did try that and it didn't seem to do anything. Currently I have the dhcp setup for WAN configuration. Tho I can not even get to the LAN webgui to change anything. I took time and unplugged the modem itself to set up all interface IP address with a /16 subnet mask as that's what my wifi router needed just to connect to the internet before. Seems as tho if I factory reset pfsense everything works just fine. Tho, I'd rather not have my ISP giving out my LAN ips. But since I can't even connect to the webgui to change any settings once I set the private IP's all around, it tends to leave me stumped because I simply can't figure it out. I can post my network settings if it will help. I tend to have them memorized. It just stumps me because of my own IT background. I do happen to have an associate degree as a Help Desk Support Specialist from a few years ago, but I didn't really learn any of this in the program itself. If I can get back to the webgui I will try your suggestion as it seems to have worked for others. But like I said, I can't even connect to the webgui unless I factory reset pfsense itself.

          provels 1 Reply Last reply Reply Quote 0
          • provels
            provels @StacyAnn33 last edited by

            @StacyAnn33 Yes, post your WAN/LAN settings. You may want to pick up a copy of the pfSense book from https://docs.netgate.com/pfsense/en/latest/book/index.html and review https://docs.netgate.com/pfsense/en/latest/book/install/index.html

            1 Reply Last reply Reply Quote 0
            • S
              StacyAnn33 last edited by

              My WAN settings are totally configured by DHCP from Spectrum.
              My LAN Settings are 7.7.7.1/16.
              I do have Opt1 as 8.8.8.1/16
              Opt2 10.10.10.1/16
              Opt 3 9.9.9.1/16

              Now when I unplug my Spectrum Modem and allow it to reset before plugging the net cable into my watchguard firebox with pfSense installed and I plug the modem back in and allow it to boot up, the only connection that seems to be active is the WAN as it is configured via DHCP from Spectrum. Like I said previously I cannot get a connection on my LAN at all. Which the way I want my entire home network setup is Spectrum modem > pfSense > Cisco 2960 switch > Patch Panel, with the patch panel being the end of it as it will get connections from either pfSense or my switch via DHCP. Oh, I forgot one, I'll also have my linksys router for Wifi Connections as I do have several wifi devices, which would hopefully have it's own IP Address or it will acquire one from either Opt1-Opt3 interfaces. I simply may have to switch it to bridge mode for that to work how I want it to.

              Yes, I will happily get myself a copy of the pfSense book as well as review the other link so more familiarize myself with pfSense. I do ofcourse appreciate the help as well.

              1 Reply Last reply Reply Quote 0
              • chpalmer
                chpalmer last edited by chpalmer

                I hope those are not your real IP addresses.. 7.7.7.0 belongs to the department of defense and 8.8.8.0 belongs to Google.

                Static IPs work just fine on the pfsense WAN. If the static you are attempting to use really does belong to you and you have set it up correctly it will work. The OP in the link you provided had other configuration issues obviously. Like I said in that post.. My Spectrum customers all work just fine.

                Im betting you have no reason at all to be using /16 on your networks.. You should make those a more realistic number.

                1 Reply Last reply Reply Quote 0
                • stephenw10
                  stephenw10 Netgate Administrator last edited by stephenw10

                  This should work without any special setup. You don't even need to uncheck Block private networks and loopback addresses since that only applies to incoming connections.

                  Assuming here that you are not just trying to access the modem it sounds like you just have a subnet conflict. Probably both your Spectrum modem (actually a router) and pfSense are using 192.168.1.0/24 on their LANs. Also assuming those IPs above are not what you actually have there. If they are then, yeah, that's completely invalid, change those subnets to real private address space.

                  Steve

                  1 Reply Last reply Reply Quote 0
                  • S
                    StacyAnn33 last edited by

                    Ok, I didn't know that those two addresses where used by Google and the DoD. I have been using the 7.7.7.0 address for quite some time and have never had an issue with it until now. I will change them both when I get home from Thanksgiving tonight. I will also double check everything else as well. I hope everyone has a good Thanksgiving.

                    Gertjan 1 Reply Last reply Reply Quote 0
                    • stephenw10
                      stephenw10 Netgate Administrator last edited by

                      Just to be clear are you getting a public IP on the pfSense WAN via DHCP?

                      It looked like you are not initially but now I'm unsure...

                      Steve

                      1 Reply Last reply Reply Quote 0
                      • S
                        StacyAnn33 last edited by

                        Yes, I do get a public IP on the WAN interface. It's the LAN, Opt1, Opt2 and Opt3 all have no connection even with a statitc IP.

                        1 Reply Last reply Reply Quote 0
                        • chpalmer
                          chpalmer last edited by

                          https://en.wikipedia.org/wiki/Private_network

                          ☺

                          1 Reply Last reply Reply Quote 0
                          • stephenw10
                            stephenw10 Netgate Administrator last edited by stephenw10

                            Ok, so if you are getting a public IP on WAN then check you can connect out from pfSense itself. In webgui go to Diag > Ping and try to ping an fqdn, say, google.com. If that fails try 8.8.8.8.
                            If those succeed but clients inside cannot connect you may have a NAT problem, check Firewall > NAT > Outbound mode is set to automatic.
                            Or it could be a bad route, check you have a default route showing in Diag > Routes.

                            Steve

                            1 Reply Last reply Reply Quote 0
                            • Gertjan
                              Gertjan @StacyAnn33 last edited by

                              @StacyAnn33 said in pfSense Spectrum:

                              where used by Google and the DoD. I have been using the 7.7.7.0 address for quite some time and have never had an issue with it until now.

                              Wait .... you choose these IP's yourself for your own usage ??

                              You saw any of these lately in your neighbourhood ?

                              453e5a44-6c56-4762-bc74-6c537a6b3d41-image.png

                              1 Reply Last reply Reply Quote 0
                              • stephenw10
                                stephenw10 Netgate Administrator last edited by

                                Ha. I mean it's bad, you shouldn't do it, but it's all NAT'd it would only prevent you reaching any IPs in those subnets.

                                Gertjan 1 Reply Last reply Reply Quote 0
                                • Gertjan
                                  Gertjan @stephenw10 last edited by

                                  @stephenw10 said in pfSense Spectrum:

                                  only prevent you reaching any IPs in those subnets.

                                  Well, here we are :

                                  @StacyAnn33 said in pfSense Spectrum:

                                  and have never had an issue with it until now.

                                  Example : if you use 7.7.7.0/24 on your LAN, you can't reach 7.7.7.0/24 on the Internet.

                                  1 Reply Last reply Reply Quote 0
                                  • S
                                    StacyAnn33 last edited by

                                    Gertjan,

                                    Um, Yes I've seen those around since I do happen to live near a National Guard post. So yes, I do tend to see them from time to time. Yes, I chose them for myself and I never had an issue reaching google before. I kid you not, I do live next to a National Guard post and I had no previous issue reaching google. But with that said I did change them last night and was going to test what stephenw10 mentioned.

                                    1 Reply Last reply Reply Quote 0
                                    • S
                                      StacyAnn33 last edited by

                                      Ok. I have figured out the issue. I am just a little unsure how to fix it. Issue is a gateway issue. That is the only thing that is stopping me from being able to ping anything straight from pfSense. Once I figure that out I should be ok. Everything else looks like it's set right.

                                      1 Reply Last reply Reply Quote 0
                                      • stephenw10
                                        stephenw10 Netgate Administrator last edited by

                                        What sort of gateway issue? Not there? Doesn't respond to ping? No default route?

                                        Steve

                                        1 Reply Last reply Reply Quote 0
                                        • S
                                          StacyAnn33 last edited by

                                          It responds to ping. Default Gateway is set as WAN static IP. Which I did change to a more appropriate private address space. There is no default route. Gateway is set for DNS servers in General Setup. So yes, there is no default route.

                                          1 Reply Last reply Reply Quote 0
                                          • stephenw10
                                            stephenw10 Netgate Administrator last edited by

                                            You said your WAN is DHCP and receives a public IP address. It should therefore receive a gateway from the ISP at the same time and that will be the default gateway unless you have any other gateways defined (which you should not).

                                            What is configured as the default IPv4 gateway in System > Routing > Gateways?
                                            Set it as the WAN_DHCP gateway if it is not.

                                            Steve

                                            S 1 Reply Last reply Reply Quote 0
                                            • S
                                              StacyAnn33 @stephenw10 last edited by

                                              @stephenw10 ok, I really got stupid for a bit.i have to admit I didn't even realize my linksys router was set to dhcp for the wan port. I've been in and around its firmware more than enough that I should have known that. But oddly enough I didnt. So I just did exactly what you said without knowing you had said to do that for a few minutes. So now its working as it should. So yes I seriously got stupid for a bit.

                                              1 Reply Last reply Reply Quote 0
                                              • stephenw10
                                                stephenw10 Netgate Administrator last edited by

                                                It's easy to overlook stuff especially when you've been trying things over several days. ☺

                                                So is it up and running as expected now?

                                                Steve

                                                1 Reply Last reply Reply Quote 0
                                                • S
                                                  StacyAnn33 last edited by

                                                  Yes, the only thing left for me to do is get my wireless router connected up to it. Thanks everyone for all the help. I really learned something along the way.

                                                  1 Reply Last reply Reply Quote 0
                                                  • First post
                                                    Last post

                                                  Products

                                                  • Platform Overview
                                                  • TNSR
                                                  • pfSense
                                                  • Appliances

                                                  Services

                                                  • Training
                                                  • Professional Services

                                                  Support

                                                  • Subscription Plans
                                                  • Contact Support
                                                  • Product Lifecycle
                                                  • Documentation

                                                  News

                                                  • Media Coverage
                                                  • Press
                                                  • Events

                                                  Resources

                                                  • Blog
                                                  • FAQ
                                                  • Find a Partner
                                                  • Resource Library
                                                  • Security Information

                                                  Company

                                                  • About Us
                                                  • Careers
                                                  • Partners
                                                  • Contact Us
                                                  • Legal
                                                  Our Mission

                                                  We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

                                                  Subscribe to our Newsletter

                                                  Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

                                                  © 2021 Rubicon Communications, LLC | Privacy Policy