WAN IP gateway is not my public IP

Cabledude

Hey all,

When I look in the pfSense dash, under Gateways I see:
WAN_DHCP is xx.xxx.63.1.
However, when I visit myip.com or the like:
"Your IP address is xx.xxx.63.57.

Is WAN_DHCP the subnet (end at ".1") and is my .63.57 address in that range?

Just trying to learn.

Thanks,
Pete

P.S. When I plug the ISP modem into another firewall (UniFi USG 3P) I get a completely different WAN IP address:
xx.xxx.245.92 where the first two octets are also completely different.

JKnott

@cabledude

The .1 is the gateway and .57 is pfsense.

Cabledude

Okay I made a beginners mistake. I should have looked at the WAN Interface, not the gateways. Sorry guys, question answered

Edit: thank you James I see our posts have crossed. I failed to look under interfaces. Learned something new today.

Still curious how the same ISP can hand out completely different IP's for different firewalls like in my case Ubiquiti vs Netgate.

JKnott

@cabledude said in WAN IP gateway is not my public IP:

Still curious how the same ISP can hand out completely different IP's for different firewalls like in my case Ubiquiti vs Netgate.

They are likely using DHCP to hand out addresses. A DHCP server assigns an IP address to a MAC address. The two devices will have different MAC addresses. So, if you connect one, disconnect it and connect the other, the DHCP server will remember that the IP address has already been assigned and give the other device a different address. At some point, after the lease has expired, the server will "forget" about the first device and the address it had will be available for reassignment.

Cabledude

@jknott Yes i see your point. My astonishment is about how far the subnets are apart. I'll keep my real IP addresses private, but the subnets are approximately:

UniFi USG: 27.146.245.92
SG-1100: 68.243. 63.57

You will see the first two octets are so far apart it drew my attention. I would have expected these subnets to be very similar, with only a difference in the last two octets.

Pete

johnpoz

@cabledude said in WAN IP gateway is not my public IP:

I would have expected these subnets to be very similar

Yeah you would think think that - but what IP ranges ISPs have are not always adjacent. Possible they added new space and using this new space to grow different areas IP space, etc.

Depending on your isp and its setup - if you want to see what other ips are running on your wan L2 network.. You could do a sniff on pfsense wan for say arp ;) And you can see all an example of the different IP ranges they are running on your specific L2.

If you have need for using same public IP while changing your devices connected to the isp - you can always change the mac address of devices to be the same "clone mac feature" and then you should get same IP via dhcp as your other device, etc.

JKnott

@cabledude

I have a cable modem, so I can watch what's on the WAN with Wireshark. When I do that, I will see different subnets, so that's nothing to worry about.

Cabledude

thanks folks, I was not at all worried, nor do I need the WAN IP to match across different firewalls I own. I was merely curious really and you quenched that curiosity :-)

johnpoz

@cabledude said in WAN IP gateway is not my public IP:

was merely curious really

Yeah I have one of those nagging curiosity kats that is always meowing at me as well ;) hehe