4. Disallow DHCP traffic between VLANs

Disallow DHCP traffic between VLANs

  • A

    Hi,

    I have 5 vlans in my pfsense setup. Each of them has its own network subnet and for 4 of them, pfsense acts like a dhcp server.

    For one of the vlans, the dhcp server of pfsense is not activated on the interface but I did setup a centos DHCP server.

    There is not firewall rules on that specific interface thus no traffic should be allowed to/from that subnet.

    I have a strange behaviour, devices from other subnets do get IP adresses from centos dhcp server. How can I dissallow dhcprequest going to that interface coming from the other 4 ones?

    Thx

    0
  • V

    pfSense do not forward DHCP requests from interfaces which have DHCP server activated.
    DHCP requests are broadcasts. The only way to forward them is by DHCP relay, but this cannot not be activated, while you're running a DHCP server on pfSense.

    So the DHCP requests in your VLANs must take another way.

    0
  • A

    I don't see what other way ... here is a diagram:

    Untitled Diagram.png

    All the devices connected to the wifi get IP from the VLAN 51 where that standalone DHCP is running.
    In the pfsense logs I get this kind of messages:

    DHCPREQUEST for 192.168.51.120 (192.168.30.1) from aa:aa:aa:aa:aa:aa via igb1: wrong network.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy