Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    DHCP Server on LAN Interface requires Firewall Rules

    Firewalling
    2
    2
    164
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      tkrausjr last edited by

      Everything I have researched points to the fact that I dont need to allow UDP ports for DHCP traffic to work on an internal (LAN) interface.
      Simple Two interface (WAN and LAN) setup on a Virtual Machine running 2.5.2

      WAN = 10.17x.xx.xx / 25
      LAN = 192.168.103.1 / 24
      DHCP enabled on LAN and PFsense in Firewall / NAT Hybrid Mode.

      I can not get reliable DHCP responses to my clients and they are sometimes delayed a LONG time until I add the following rule to my pfsense LAN interface.

      Protocol: IPv4 UDP
      Source: *
      Destination: *
      Dst Port: 67-68

      Can someone confirm this is expected behavior.

      johnpoz 1 Reply Last reply Reply Quote 0
      • johnpoz
        johnpoz LAYER 8 Global Moderator @tkrausjr last edited by johnpoz

        @tkrausjr you have no need to add any rules on any interface dhcp is enabled. They are auto added an hidden... Look at the full rules..

        https://docs.netgate.com/pfsense/en/latest/firewall/pf-ruleset.html

        example these are mine..

        rules.jpg

        if you needed to add a rule for dhcp to work - and you had not rule how would it ever work.. Whatever issue your having is not related to needing a firewall rule to allow for dhcp..

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-2440 2.4.5p1 | 4x SG-3100 2.4.4p3 | SG-4860 21.05.1

        1 Reply Last reply Reply Quote 0
        • First post
          Last post

        Products

        • Platform Overview
        • TNSR
        • pfSense
        • Appliances

        Services

        • Training
        • Professional Services

        Support

        • Subscription Plans
        • Contact Support
        • Product Lifecycle
        • Documentation

        News

        • Media Coverage
        • Press
        • Events

        Resources

        • Blog
        • FAQ
        • Find a Partner
        • Resource Library
        • Security Information

        Company

        • About Us
        • Careers
        • Partners
        • Contact Us
        • Legal
        Our Mission

        We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

        Subscribe to our Newsletter

        Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

        © 2021 Rubicon Communications, LLC | Privacy Policy