Added New Interface: No Internet [SOLVED]

areckethennu

FINAL EDIT: Solved. I rebooted the pfSense box and all is well. Seems odd that I'd have to do that. But, oh well.

OP: I'm trying to add another LAN interface to pfSense but it's getting no internet. Hopefully, this is simple enough that someone can just tell me what easy-peasy thing I've forgotten without my having to upload screenshots.

On my Protecli VP2410 (no VLANs), I've got my WAN on the first port, my LAN on the second and I'm trying to add a second LAN (I'm calling it BackupLAN) on the third. In pfSense > Interfaces > Interface Assignments, I clicked the button to add the interface and set the following:

Description: BackupLAN
IPv4 Configuration Type: Static IPv4
IPv6 Configuration Type: Track Interface
IPv4 Address: 192.168.2.1 /24 ( a different subnet from my LAN interface at 192.168.1.1 /24 )
IPv6 Interface: WAN
IPv6 Prefix ID: 1 (my LAN interface is ID = 0)

After Enabling it (the order might be a bit wrong here), I went to Services > DHCP Server > BackupLAN, enabled it and gave it a range:

Range: From 192.168.2.100 To 192.168.2.254

At Firewall > Rules > BackupLAN, I copied my existing LAN rules over and they look fine:

States	Protocol	Source	Port	Destination	Port	Gateway	Queue	Schedule	Description	Actions
		104 /8.71 MiB
IPv4 *	BackupLAN net	*	*	*	*	none	 	Default allow LAN to any rule	     
		0 /2.73 MiB
IPv6 *	BackupLAN net	*	*	*	*	none	 	Default allow LAN IPv6 to any rule

I plugged a computer into that port, Saved the unchanged WAN configuration just because, reset the Firewall States and restarted the computer.

• The Dashboard shows the interface as being physically connected with the correct speed and addresses.
• The DHCP Server shows the connected computer having an address in the range.
• The computer agrees with that address.
• The Autocreated rules at Firewall > NAT > Outbound got nicely updated to include the new interface address:

Interface	Source	Source Port	Destination	Destination Port	NAT Address	NAT Port	Static Port	Description
WAN	127.0.0.0/8 ::1/128 192.168.1.0/24 192.168.2.0/24	*	*	500	WAN address	*		Auto created rule for ISAKMP
WAN	127.0.0.0/8 ::1/128 192.168.1.0/24 192.168.2.0/24	*	*	*	WAN address	*		Auto created rule

At Services > DNS Resolver > General Settings, the Network Interfaces and Outgoing Network Interfaces are both set to ALL.

Yet, the computer has no internet access. Is there something else I need to do?

EDIT: I can also browse to 192.168.2.1 on that computer and reach the pfSense box, itself. But, again, no internet.

Saqqara

You can not have two lan interfaces with the same static IP address.

Want is the purpose to having a backupLan ?

areckethennu

@saqqara I don't have two LAN interfaces with the same IP address. The original is 192.168.1.0/24 and the new one is 192.168.2.0/24. But, with the spacing in my OP, it's a bit hard to see. I'll edit that to make it clearer.

BackupLAN is simply a backup interface. I recently lost access to my whole network (not just the internet) and one line in my logs implied there was a problem with the LAN interface that wasn't cleared by a reboot of the device. This is just something I can try if it happens again (to see if it's actually a problem on the LAN interface or something else).