SG-5100 newbie: Configuring ix0-3 to work just like igb1
-
I have an internet connection if I connect a computer to port IGB1, the default LAN port. I'd like to set up the other OPT ports (ix0-3) to work the same so I can connect another 4 computers to the device. I can't seem to figure out how to do that though. I've duplicated the default set up of IGB1. Using port IX0 as an example:
- Interface enabled
- IPv4 static: address is 192.168.3.1/24 (the IGB1 default is 192.168.1.1)
- DHCP server is enabled on the port
- DHCP address range is 192.168.3.10-254
When I plug a computer into one of these other ports, they have an IP address (192.168.3.10 for example), gateway says 192.168.3.1, and subnet says 255.255.255.0. Windows says it's connected to the local network but has no internet connection. Trying google.com times out. If I try and ping google.com it just instantly comes back saying "Ping request could not find host google.com. Please check the name and try again."
I must be missing something obvious, but how do I get the other OPT ports to behave just like the default LAN port came out of the box? This is my first time with pfsense btw.
-
From what you’ve described, I’d check the following:
Firewall rule - easiest way to start is to make a pass any protocol from any source to any destination. I.E. permit all.
NAT - you will need to have outbound NAT rules for all interfaces that need to see the internet. Easiest thing to do would be to copy the rules in place for your LAN interface and edit them to reflect the other interface(s).
-
Doh, I totally forgot to check the firewall tab. Thanks! I just needed to copy the IPv4 setting and that fixed it!
-
@Architekt easy day! I got burned by the firewall/NAT situation a few times before. Glad you're successfully pushing bits.
-
Yes, only the LAN has any firewall rules by default. Any additional interfaces you assign must have rules added to pass the traffic you need.
Steve
