Netgate Discussion Forum

    DHCP addresses outside (higher than) the initially configured pool are unable to connect to internet

    DHCP and DNS
    • ahcarak

      dhcp-setting.jpg

      I tried expanding the primary pool and as the image shows I have now created an additional pool "Overflow Pool". The devices get an IP from the overflow pool and all other related IP configuration (Default Gateway, DNS etc.) and they won't connect to the internet. A typical error is "Connected, no internet". This condition holds true for WiFi devices (via Unifi APs) and Ethernet devices. Thanks in advance for your input.

      • johnpoz LAYER 8 Global Moderator @ahcarak

        @ahcarak where a device gets its IP be it dhcp, you set it static on the device, it gets a reservation from dhcp, or even some other dhcp server on your network has nothing to do with internet access.

        Can your device ping pfsense IP on this network?

        Did you change the network on the interface? Has it always been a /25, was it before a different mask? Possible if your rule says X net that this built in alias might not have been updated to your new network range?

        Is there anything in the firewall log about blocking this device's IP? What rules do you have on this interface, any rules in floating? If you had changed the network mask of the interface, and had previously say set your outbound nat to manual or something.. You would need to update your outbound nat to make sure they are correct.

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

        • ahcarak

          @johnpoz thank you. It was a firewall rule that prevented internet access. The initial setup was for a /26 network and an automatic rule was not updated. Thanks again.

          • johnpoz LAYER 8 Global Moderator @ahcarak

            @ahcarak so you had set a cidr in the rule vs using built in alias like lan net or optX net etc.. for your source?

            • ahcarak

              Yes. Making some changes to address this for future changes.

              • johnpoz LAYER 8 Global Moderator @ahcarak

                @ahcarak yeah whenever possible I would use the built in net and address aliases.. Because those will change if you change the IP or network on an interface.

                Only time I would think makes sense to use a specific cidr, if wanting to do a subset of your actual network for something. Or if placing rules on transit or connector network interface and allowing for the downstream networks.

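The failure resolved in this thread, as an added example that is not part of any post: a pass rule whose source is a hard-coded /26 stops matching once the interface is widened to a /25 and a second DHCP pool is handed out above the old boundary. The addresses, pool ranges and function names below are constructed for illustration; the thread does not give the real ones.

```python
import ipaddress

def uncovered_ranges(pool_start, pool_end, rule_sources):
    """Return the parts of a DHCP pool that no rule source CIDR matches,
    as a list of (first, last) address strings."""
    sources = [ipaddress.ip_network(s, strict=False) for s in rule_sources]
    start = int(ipaddress.ip_address(pool_start))
    end = int(ipaddress.ip_address(pool_end))
    if start > end:
        raise ValueError("pool start is above pool end")
    gaps, gap_start = [], None
    for n in range(start, end + 1):
        addr = ipaddress.ip_address(n)
        covered = any(addr in net for net in sources)
        if not covered and gap_start is None:
            gap_start = addr                      # a gap opens here
        elif covered and gap_start is not None:
            gaps.append((str(gap_start), str(ipaddress.ip_address(n - 1))))
            gap_start = None                      # the gap closed one address back
    if gap_start is not None:
        gaps.append((str(gap_start), str(ipaddress.ip_address(end))))
    return gaps

def audit(interface_cidr, pools, rule_sources):
    """Map each pool name to the address ranges its clients can be leased
    that fall outside every pass-rule source on the interface."""
    iface = ipaddress.ip_interface(interface_cidr).network
    report = {}
    for name, (first, last) in pools.items():
        for a in (first, last):
            if ipaddress.ip_address(a) not in iface:
                raise ValueError(f"{name}: {a} is outside {iface}")
        report[name] = uncovered_ranges(first, last, rule_sources)
    return report

# Constructed sample data (assumption): interface widened from /26 to /25.
INTERFACE = "192.168.1.1/25"
POOLS = {
    "Primary": ("192.168.1.10", "192.168.1.62"),
    "Overflow Pool": ("192.168.1.64", "192.168.1.120"),
}
STALE_RULE = ["192.168.1.0/26"]  # CIDR typed into the rule at initial setup
# What a built-in "net" alias resolves to: it follows the interface setting.
ALIAS_RULE = [str(ipaddress.ip_interface(INTERFACE).network)]

if __name__ == "__main__":
    print("hard-coded /26 source:", audit(INTERFACE, POOLS, STALE_RULE))
    print("interface net source: ", audit(INTERFACE, POOLS, ALIAS_RULE))
```

Any non-empty range in the report is a set of leases that get a valid gateway and DNS from DHCP but match no pass rule, which is the "Connected, no internet" symptom described in the first post.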
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.