Solved Newbie: Setup pfsense with gateway on different subnet

mxavierr · May 13, 2009, 6:54 PM

Our new ISP has issued us a full class C network with an out of the ordinary config. Network config as followed:
Usable public IP’s 216.XXX.XXX.1-254
Subnet 255.255.255.0
Default GW 65.xxx.xxx.197/30
I have setup the Wan interface as follows:
IP 216.xxx.xxx.1
Subnet 255.255.255.0
GW 65.xxx.xxx.197
The LAN interface is working ok I can access the server but that’s a far as I get. I cannot access the internet.
I used the wizard to setup pfsense, could someone please advise as to what needs to be done to enable internet access.
Internet
|
|
WAN (IP 216.xxx.xxx.1 SN 255.255.255.0 GW 65.XXX.XXX.197)
|
Pfsense server
|
LAN (IP 172.16.0.1 SN 255.255.255.0)
|
Local lan
Thanks in advance

Manuel

mhab12 · May 13, 2009, 5:25 PM

I would suspect that 216.xxx.xxx.1 should be the gateway on YOUR side. The gateway address they gave you is for their equipment. We have a similar setup, and in communicating with our carrier (XO) they intermittently swap the meaning of 'gateway' to mean our gateway (their dual t-1 router on premises) with their gateway (who knows what or where, somewhere upstream).

Try setting your gateway as 216.xxx.xxx.1/24
Set your wan IP as whatever you want between 216.xxx.xxx.2-254

mxavierr · May 13, 2009, 5:52 PM

Thanks for the reply mhab12.

I tried your suggested configuration but it doesn't work. I tried using 216.xxx.xxx.1 and 216.xxx.xxx.254 as the gateway but no internet connectivity. I actually configured a Clarkconnect box to test it and it works with the odd gateway. I have been playing with this for about a week now and it is really getting frustrating. Thanks again for your suggestion and anymore help you maybe able to provide.

Manuel

mhab12 · May 13, 2009, 6:31 PM

What WAN IP and subnet mask are you using when Clarkconnect was working? I assume you entered the gateway as 65.xxx.xxx.197?

mxavierr · May 13, 2009, 6:48 PM

The WAN IP was 216.XXX.XXX.1, subnet 255.255.255.0 and gw 65.XXX.XXX.1, I was surprised it worked like that. I just got off the phone with XO and they didn't send me all the info with the original config email. First off I needed to put a router inplace between the XO modem and pfsense with the correct info. Here is what I needed to do to resolve it:

Internet
|
XO modem
|
WAN ( IP 65.XXX.XXX.198 Subnet 255.255.255.252 GW 65.XXX.XXX.197)
Cisco 2600
Public LAN (IP 216.XXX.XXX.1)
|
WAN (216.XXX.XXX.2 subnet 255.255.255.0 GW 216.XXX.XXX.1)
pfsense
LAN (IP 172.16.0.1 Subnet 255.255.255.0)
|
Local LAN

So in actuality your hit the nail on the head with your first reply. Once XO updated me with the complete info I was good to go.

Thanks for your assistance.

Manuel

mhab12 · May 13, 2009, 7:02 PM

Too funny that we both have XO…I'm jealous of your Cisco 2600, a slight improvement over our XO provided Nortel / Tasman 1002 with one dead LAN port (luckily there are two available).

mxavierr · May 13, 2009, 7:06 PM

Yes it is. I actually had an extra 2600 router here that I tossed in between the XO Hatteras modem and pfsense. I was initially trying to connect pfsense directly to the the Hatterras box. Like I mentioned in my previous post I was surprised CC worked like that.

Thanks again for your guidance fellow XO user!!

Manuel