Two LANs, No DHCP on LAN 2
-
What rules do you have on this 2nd network .11 interface in pfsense?
In your scope you created for this 2nd network on your dhcpd on .10 network - where did you point the gateway, what did you set for dns?
-
Currently, I have it set to allow everything.
-
Do your clients in .11 get an IP from your dhcp, and point to pfsense .11 address as their gateway - where do they go for dns, etc.?
You left outbound nat set to automatic?
As to everything - you sure? I see lots of times users set tcp only - since it is the dropdown default when creating a new rule.
-
@johnpoz I pointed the gateway to 10.1.11.1, which was the IP I gave the new .11 subnet interface on pfsense.
DNS I set to the local dns server for the domain on the same domain controller that has DHCP server.
-
Can your clients in the .11 network ping pfsense IP? 10.1.11.1
Can they query your dns? Possibly your windows box firewall is blocking them from doing dns. A simple test using nslookup, dig etc. on the client would validate dns is working.
-
@johnpoz omg, thanks so much for giving me that hint. I had my outbound mode on Manual because of the VPN I have set up on pfsense.
So I just had to duplicate the existing rules for my original lan/subnet and change the ip address to my .11 subnet.
Now it's working. Yahoo!!!
I'll be playing around with the new subnet and firewall rules to fine-tune it. Then when I feel comfortable I'll try the VLAN subnetting on my switch again to see if I have better luck.
-
Just so you know, you do not need to set manual for vpn client in pfsense... You DON'T!!
All that is needed is a hybrid setup... The guides that these vpn services put out are almost always just utter CRAP!!!
-
@johnpoz oh, I didn't know that... thank you AGAIN.
Does that mean I can simply switch my outbound mode to "Hybrid Outbound NAT" mode?
I'll give it a try. I'll back up my pfsense in case anything messes up so I can restore quickly!
-
Here I have a vpn client set up in pfsense to point to a vps running openvpn access server, that I use for testing policy routing and such to help other users..
I only use it when testing stuff... So if I policy route a client on my lan network (192.168.9/24) to go out the vpn - this outbound nat is used to nat to the vpn interface IP..
-
@johnpoz Okay, I'll take a look and give it a whirl!
-
@johnpoz Working like a charm. Thaaaaank you!
I basically just had to click Hybrid outbound and save. Then just add 1 more mapping for my new .11 subnet (just duplicated the original mapping that was already there).
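-
The failure diagnosed in this thread (manual outbound NAT with no mapping for the newly added subnet) can be checked for in a configuration backup. The following is an added example, not code from any poster or from pfSense itself; the XML element layout and the sample addresses are constructed assumptions modelled on a pfSense config.xml backup.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample; element layout is an assumption modelled on a pfSense config.xml backup.
SAMPLE = """<pfsense>
  <interfaces>
    <wan><ipaddr>dhcp</ipaddr></wan>
    <lan><ipaddr>10.1.10.1</ipaddr><subnet>24</subnet></lan>
    <opt1><ipaddr>10.1.11.1</ipaddr><subnet>24</subnet></opt1>
  </interfaces>
  <nat><outbound>
    <mode>advanced</mode>
    <rule><interface>wan</interface><source><network>10.1.10.0/24</network></source></rule>
  </outbound></nat>
</pfsense>"""

def parse_net(text):
    """Return an ip_network, or None for values such as 'dhcp' or an alias name."""
    if text == "any":
        return ipaddress.ip_network("0.0.0.0/0")
    try:
        return ipaddress.ip_network(text, strict=False)
    except (ValueError, TypeError):
        return None

def uncovered_subnets(config_xml, out_if="wan"):
    """Return (mode, [(interface, subnet), ...]) for internal subnets with no manual mapping on out_if."""
    root = ET.fromstring(config_xml)
    mode = root.findtext("nat/outbound/mode", default="automatic")
    mapped = []
    for rule in root.findall("nat/outbound/rule"):
        # Only enabled mappings on the chosen outbound interface count.
        if rule.findtext("interface") == out_if and rule.find("disabled") is None:
            net = parse_net(rule.findtext("source/network"))
            if net is not None:
                mapped.append(net)
    missing = []
    for iface in root.find("interfaces"):
        if iface.tag == out_if:
            continue
        net = parse_net(f"{iface.findtext('ipaddr')}/{iface.findtext('subnet')}")
        if net is not None and not any(net.version == m.version and net.subnet_of(m) for m in mapped):
            missing.append((iface.tag, str(net)))
    return mode, missing

if __name__ == "__main__":
    mode, missing = uncovered_subnets(SAMPLE)
    # In manual mode only the listed mappings apply, so these subnets are not translated on wan.
    print(f"outbound NAT mode: {mode}")
    for name, net in missing:
        print(f"no mapping on wan for {name} {net}")
```

The result only indicates a problem when the mode is manual; mappings whose source is an alias name are skipped rather than resolved.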