I need some help wit pfsense setings



  • Hello
    I instaled pfsense . I pluged the cable according to the auto detection, then was the configuration windows. I tried entering the same values as i would be seting up a normal lan configuration, but i couldn't connect to the internet at all. looking up… in firefox and thats it.
    I tried some different types of configuration, but the result was the same.
    I noticed that you're pretty good at sorting this kind of problems so maybe you could help me?
    Here's the configuration on which my pc works without the pfsense computer.
    http://img338.imageshack.us/img338/2049/copyxz9.jpg
    Maybe you could draw or guide me to how the setings should be tunded when the pfsense pc is in place. Or even better, you should know the configuration windows. These might be old:
    http://www.pfsense.com/screens/DHCP.jpg
    http://www.pfsense.com/screens/LAN_iface.jpg
    http://www.pfsense.com/screens/WAN_iface.jpg
    maybe you could fill them up with the sttings i provided?



  • I'm taking a wild guess that the information on the screen is from the Nokia router? Most likely situation is that the Nokia router is running NAT already. It may be doing some sort of authentication/PPPoE (logging in with username/password) You may want to ask someone who has your service provider, being in the US, I have no experience with overseas ISPs. Anyway- I think the Nokia is running NAT between the public IP and the private IPs. If you open a prompt on your PC (assuming Windows 2k/xp) and type ipconfig /all you should see and IP like 192.168.1.100 on your pc, with the gateway IP being the Nokia. If you want to firewall the connection, you should really turn NAT off on the Nokia and run NAT and DHCP on pfsense. If you are not comfortable doing that be careful, as you could break the Internet connection… If you just want to block the other computers on the lan, I would configure pfSense as a filtering bridge and place it inline between your pc and the Nokia.
    What are your goals in adding the firewall and what is you comfort level in changing the network there? That would be where I would start before changing anything.



  • Ok some updates.
    First off all that's not a hub there, that's a switch (not very important i suppose).
    Then there's the ISP things you said. I'm having a guy from ISP coming to my home tomorrow (lots of time). He said that he will do something with settings of the NOKIA modem/router to make it act as a normal modem. And that's good, isn't it?
    Now the main problem for my is the setting in the WEBgui. Again, my typical settings that i use for windows configuration is shown above. Maybe you could direct me to the values witch would allow the traffic to go trough the PFsense box. I mean because showed the setting and the set up, it should be pretty easy to set up the setting in the web gui. I have a static IP address so there's 3-5 fields which i should fill for the basics to work, maybe you could show me an example of this kind of settings (using my address'es or similar static IP set ups)
    Here's what i see when i write "ipconfig /all".
    http://img530.imageshack.us/img530/7263/untitledos4.jpg
    I think my modem is 192.168.1.1 because i'm not allowed to set this address, because of "another address on the lan", i saw a non windows system in a lan-spy or somekind of program and when i try to telnet.the 192.168.1.1 i get a question for password.

    Ok, then about the goals. The main reason i started this is that i have a 17-19 computer LAN on a 1024Kbits/sec internet plan. Some people in our LAN tend to be very unfriendly and try to use emule and smth like that a lot during the day. That makes the internet connection practically dead. Now i find that it's not fare that 1 PC gets all the bandwith so i search the web asked some forum members about hte problem and they told me about a linux router. So my main goal would be to set up a internet sharing linux computer, which would equally share the total bandwith accross the web. Now because i'd like it to be as optimal as it can be i'm thinking about trying monowall as well later on.

    the thread was started on guru3d forum link: http://forums.guru3d.com/showthread.php?p=2158575#post2158575



  • If the ISP guy can set the Nokia up like a modem/bridge, then you should be able to setup pfSense at defaults, then change the WAN connection to PPPoE and enter your username/password info.

    Nokia>>>WAN-pfSense-LAN>>>SWITCH>>>Computers.

    Keep the PC's at DHCP and it should work. Once it works, you can play with the traffic shaper and work on limiting bandwith. Try searching the shaper forum for hints.

    Your ipconfig output doesn't make much sense- the gateway should be on the same subnet as the IP of the computer. e.g.- if your ip is 192.168.1.100 /24 then the gateway should be 192.168.1.something (usually 192.168.1.1) Hopefully this will not be an issue once the ISP guy re-configures the Nokia.



  • @dotdash:

    If the ISP guy can set the Nokia up like a modem/bridge, then you should be able to setup pfSense at defaults, then change the WAN connection to PPPoE and enter your username/password info.

    Nokia>>>WAN-pfSense-LAN>>>SWITCH>>>Computers.

    Keep the PC's at DHCP and it should work. Once it works, you can play with the traffic shaper and work on limiting bandwith. Try searching the shaper forum for hints.

    Your ipconfig output doesn't make much sense- the gateway should be on the same subnet as the IP of the computer. e.g.- if your ip is 192.168.1.100 /24 then the gateway should be 192.168.1.something (usually 192.168.1.1) Hopefully this will not be an issue once the ISP guy re-configures the Nokia.

    Ok, but i don't think i have a username/password, because i have a static IP which is the 81.7.86.41 ("gateway" in windows setting, don't know why). And i don't use the connect dialog or smth like that. And about the DHCP, will i have to change my lan computer setting to Obtain an IP address automatically?



  • Your LAN computers should be set to obtain ip automatically. If the line is static, you can just set the WAN on pfSense to static and plug in the numbers. It is possible that the Nokia is running PPPoE or something. Ask the DSL tech and set the WAN accordingly.


Log in to reply