Creating loopback interface for management

Saravanen · Jan 18, 2021, 2:18 AM

I have a requirement to create a loopback interface on the pfSense firewall for management purpose. I can't find anyway to create loopback interface in the GUI. Can someone help point me in the right direction on configuring it?

johnpoz · Jan 18, 2021, 2:55 AM

Its a vip.

Here jimp answering the same question from 2017
https://forum.netgate.com/post/682341

Saravanen · Jan 18, 2021, 4:05 AM

Thanks, I'll look into that. :)

johnpoz · Jan 18, 2021, 5:07 AM

Why do you think you need a loopback for management?

Saravanen · Jan 18, 2021, 7:08 AM

I just need to give another team temporary management access to the firewall as they can't use the LAN IP for management due to IP overlap issue on their end.

So I'll create a VIP on the firewall and configure static route on the core switch for the VIP (next hop would be the LAN IP of the firewall).

johnpoz · Jan 18, 2021, 1:04 PM

You know any IP on pfsense can be used to hit the gui or ssh right. The wan IP, any other opt IP..

Saravanen · Jan 18, 2021, 1:15 PM

I'm using the pfSense firewall to protect a user VLAN, so both LAN and WAN IP range fall within a /19 subnet and that whole subnet is overlapping for the other team. :(

johnpoz · Jan 18, 2021, 1:45 PM

Seems like an odd thing to do - overlapping networks in the same network.. Good luck. Thanks for entertaining my curiosity cat..

I thought it could be a remote site via a vpn, having overlap of some vlan in your internal network.. Which you could just use say the tunnel IP to allow them to ssh/gui to pfsense. Where the tunnel network should be be overlapping any network either remote or local..

But sure a vip would allow you to put a non overlapping IP on pfsense to be able to access.