Static IP on WAN isn't working



  • Static IP: 1.1.1.5
    Subnet: 255.255.255.128
    Gateway: 1.1.1.1

    Based on this information (to hide the real numbers), I cannot get my static IP to work when I..
    (1) Go to Interfaces->WAN, set to Static, enter in 1.1.1.5 (and leave /32 alone) for the Static IP, and enter in 1.1.1.1 as the Gateway
    (2) #1, Firewall->NAT->1:1->Add, set Interface to WAN, set external subnet to 255.255.255.128/32, set internal subnet to 255.255.0.0, and add

    My ISP has my WAN MacID whitelisted and the IP available.

    EDIT: Someone asked which version of pfSense I was using before they quickly removed their post.

    "1.2.3-RELEASE
    built on Sun Dec 6 23:21:36 EST 2009"



  • Thanks- I actually deleted my post as I didn't think it would be relevant…

    Im booting up my test machine now but my primary firewall on my little data center is set static that way so Ill post my entries here in a little bit to give you something to compare to. Might help with troubleshooting...



  • The WAN of my test box in this picture is on the LAN of my network here in the lab. So I have the blocks at the bottom unchecked. Are you given public IP's by your provider or do they give you a private network or bogon address??

    Also- are you entering a mac address or did you leave that line blank?




  • @chpalmer:

    The WAN of my test box in this picture is on the LAN of my network here in the lab. So I have the blocks at the bottom unchecked. Are you given public IP's by your provider or do they give you a private network or bogon address??

    Also- are you entering a mac address or did you leave that line blank?

    I have the MacID field set to the MacID of the interface.

    Unchecking the boxes at the bottom didn't help either.



  • I have the MacID field set to the MacID of the interface.

    Ive never filled that line in myself.  You might try blanking it out just to test…



  • @chpalmer:

    I have the MacID field set to the MacID of the interface.

    Ive never filled that line in myself.  You might try blanking it out just to test…

    Blanking the MacID field did not work either. How long are you usually supposed to wait after applying changes to "test" to see if it really worked?

    http://www.hlrse.net/Qwerty/pfsense - Firewall- NAT- 1-1_1294337588156.png
    http://www.hlrse.net/Qwerty/pfsense - Interfaces- WAN_1294337567590.png
    http://www.hlrse.net/Qwerty/pfsense - Status- Interfaces_1294338064032.png
    http://www.hlrse.net/Qwerty/pfsense - System- General Setup_1294337532830.png



  • Should apply pretty much instantly on your end.



  • BlueToast,

    Check with your ISP what your CIDR number should be on your public WAN ip. Your WAN ip entry is not necessarily a 32 CIDR number. For example a have one pfSense box with 28 WAN CIDR and two with a 30 CIDR number WAN entry.

    Edit: Looking at your post again your subnet does not coincide with a 32CIDR number as you have shown?

    Barry



  • Alright, it works now. For anyone else that has the same or similar situation…

    • Make sure you have the right CIDR. This fixed my problem.
    • You don't have to add your static IP for WAN to the Virtual IPs page.
    • You can have the two boxes at the bottom of WAN interface page (for bogon networks and private networks) checked/enabled.
    • You don't have to add an entry to NAT 1:1 with your Static IP Subnet <-> LAN Subnet.


  • @BlueToast:

    Alright, it works now. For anyone else that has the same or similar situation…

    • Make sure you have the right CIDR. This fixed my problem.
    • You don't have to add your static IP for WAN to the Virtual IPs page.
    • You can have the two boxes at the bottom of WAN interface page (for bogon networks and private networks) checked/enabled.
    • You don't have to add an entry to NAT 1:1 with your Static IP Subnet <-> LAN Subnet.

    Thanks for the update and glad to see you got it!

    Good Luck!


Locked