Changing LAN IP

RyanM · Apr 3, 2020, 9:40 PM

I looked around and didn't really see a set of steps for this, other than LAN bridge changing local DHCP ip range, but that was very minimal.

I have pfSense configured with my LAN on (192.168.1.), guest WIFI on 192.168.10., and VPN on 10.8.0.*.

I suppose the proper notation is something more like 192.168.1.0/24, but I am not an expert in this area.

My issue is that I see conflicts occasionally when other networks are using 192.168.1.. For instance, I connect to my home through VPN, but the local network I am on is using 192.168.1., or when connecting to work VPN network that is running 192.168.1.* (or has resources on that network).

Is the best option for me to move my LAN to a different range? If so, should I stay in the 192.168.* range? Or move to the 172.* or 10.* ranges?

Is the best thing to use something like 192.168.5.* or 192.168.9.*? Does it matter?

If it is identified I should change my LAN IP range, are there clear steps to do this? I recognize I will need to change my static mappings, but it would really help if there was a set of steps for changing the LAN IP range.

dotdash · Apr 4, 2020, 1:10 AM

The 10.x range gives you the most chance of not encountering a conflicting subnet. Use a /24 subnet mask. It's a good idea to have console access, but you can carefully change the LAN subnet from a machine on the lan. Go to Interfaces, LAN and change the address. It should warn you to change the DHCP range. Go to services, DHCP server, update the range and save. Then go back to the LAN interface and save. You will now need to renew the IP on the workstation and connect to the new LAN IP. Then renew the IPs of the rest of your machines. If you have static addresses, the best thing to do is to switch them to dhcp and reserve the IP in the dhcp server.

RyanM · Apr 3, 2020, 10:28 PM

So if I am reading this right:

Interfaces > LAN: Change the IPv4 Address (DO NOT SAVE, this is just so the Subnet of the DHCP server is updated)
Open Services > DHCP Server in a new browser tab and change the Range, then Save
Go back to the Interfaces > LAN tab and Save

I do not have static IP addresses. I have static/reserved IP assignments in the DHCP server. So I should be able to update those and then renew right?

Are there any other gotchas here I am missing? Is my statement about why to update the Interface first accurate?

johnpoz · Apr 3, 2020, 10:40 PM

Just change it... Not really an issue, But to what range to use to be less likely to conflict, I would prob use something in the 172.16-31.X/24 where you just random pick say 172.27.54/24

dotdash · Apr 3, 2020, 10:39 PM

You've got the sequence right. There's always a chance of messing it up, which is why it's handy to have console access. Yeah, the default is the most common subnet, so it better to change it some something reasonably unique.

JKnott · Apr 4, 2020, 1:10 AM

@dotdash said in Changing LAN IP:

The 10.x range gives you the most chance of not encountering a conflicting subnet.

I find the 172.16.0.0 /12 range to be very rarely used. That's why I picked it for my network. I've only once seen it used elsewhere.