Can't Connect to New 6100
-
Yeah you can change it later but I wouldn't consider that secure any longer. AES is fine but SHA1 is deprecated pretty much everywhere. We use AES-128, SHA256 and DH group 14 as defaults now.
If you can use AES-GCM it incorporates the authentication anyway. -
Is there a way to easily migrate all the settings from an interface to another interface? I set my LAN up on LAN 1 but would like to move it to one of the 10G fiber ports. I don't have 10G internet, but I have SFP adapters laying around and it would free up a port in my switch.
I can't create a second interface with the same settings and was hoping there was an easy way to move everything from one interface to another.
-
You can just re-assign LAN as whichever port you want and all the interfaces settings will follow it.
You will have to unassign whatever is using ix0 or ix1 first.
-
So I would go into Interface -> Assignments and do it there?
I have these LAN ports:
LAN (igc0) which is the 1GB copper
10GFiberLAN (ix1) which is the 10G fiberDo I delete the igc0 and then use the drop down box to change 10GFiberLAN to igc0?
Thank you!
-
You would delete the ix1 assignment. So that's WAN4 by default. You need to do that first because you can't have the same NIC assigned more than once.
Then change the LAN assignment from igc0 to ix1.
Steve
-
Also make sure you have some other connection to the 6100 when you're doing that in case you have any problems linking to ix1.
-
@stephenw10 Well, I messed that one all up, but learned a few things.
- Apparently you can't use a 1G SFP adapter in a 10G port.
I tried switching to the WAN1 port and assigned the igc0 to the WAN1 interface. Unfortunately, it didn't work. I couldn't get anything out of the WAN1 port after making the change.
Unfortunately I couldn't plug it into my laptop to see if it was even handing out IP addresses.
Thoughts? It's not a big deal, but would free up that port in my switch.
-
You should be able to use 1G SFP module in ix0/1 but you might need to set the link speed to 1G in the interfaces settings. You might also need to down/up the NIC or replug the module but it should, always link at boot if it can.
-
Thank you for all the help!
I have 2 more of these to setup both of which are an a site with a domain controller running DHCP. If I wanted to make WAN3 the uplink to the switch, what do I choose for IPv4 Configuration Type?
I haven't set up a pfsense where the device wasn't also the DHCP server. I'm stuck on the Assignment configuration for the port.
-
It should still be a static IPv4 address. You always want the firewall to be a static IP so you can always access it even if the dhcp server goes down.
The only interfaces you might want to be a dhcp client would be the actual WAN if it is a DHCP type.
