Pfsense vmware dhcp failing
-
:(
Hey Guys,
I have three virtual machines that I wanted to keep them behind pfsense. Being good at vmware, i need some pfsense help.
I have a dhcp router assigning pfsense an ip on its wan interface. I attached another interface to it - LAN - and placed the virtual machines behind this interface.
I assigned the LAN if a static ip address and enabled dhcp server on this LAN interface. The moment I apply these changes, my pfsense web portal disconnects, and any number of refreshes do not bring it up.
A reboot fixes it but LAN remains disabled. There may be a dhcp conflict but why will there be one if I am enabling DHCP only on the LAN if and not on the WAN if.
Please advise.
Thanks
RJ -
Well if your just now turning on pfsense lan interface - how were you connecting to the web ui in the first place? Via the wan interface?
So what network did you put the lan interface of pfsense in? Is this behind a nat in vmware? Bridged to a physical network?
If your setting it as static, how could there be a dhcp conflict?
What are the ips/networks your working with - and how are you talking vmware player, workstation, server, esxi?
BTW - your question would be better suited for the visualization section to be honest.
-
Thanks for the reply.
accessing UI via 172.16.1.xxx ip given out by dhcp router.
Internal lan ip is 10.0.0.1 and dhcp network on lan interface is 10.0.0.2-10.0.0.15
There is no bridging setup yet between lan and wan interface in pfsense.
Once I have the lan interface up - the UI disappears.
Using ESXi.
Please advise.
-
Who said anything about bridging on your lan to your wan??
I run pfsense on VM as well, on esxi 5.1 – how are you setup on the vswitches? Where is your client connected that your accessing the pfsense UI from?
So can see a shot of your vswitches ? and what networks they are connected to?
Normally when you setup pfsense you setup a wan and lan interface.. I am not sure what would happen if you only setup a WAN -- what is the point a router with only 1 interface? So I am confused at what you mean by adding LAN, is this a secondary LAN?
So below you can see my vswitches setup on esxi. So wan of pfsense is connected to physical nic that is connected to cable modem. And then other nic is connected to my lan network. So my lan network is 192.168.1.0 and vm and or physical can all access the pfsense interface in the lan 192.168.1.253
Now are you trying to run pfsense just for your VMs and not your normal network? If so then your client that would be access the UI for pfsense would need to connect via the wan interface - so you turning on a lan interface prob turns off this access? You have to allow for UI access from the wan in that case.
I am confused how your currently access the UI via the wan interface - how did you set that up in the first place? Did you setup a firewall rule to allow access - what port you running the web gui on, default, alternate? Did you disable blocking private on the wan, is that getting turned back on when you enable a different interface?
Understanding your vm setup and your pfsense interfaces and how your currently accessing the pfsense ui will allow us to correct your issue.
-
Hello,
So my setup is the same as yours. Thanks for the pic.
When I say WAN - its the network via your vswitch1 and when I say lan its the network on vswitch0 that you have going.
I just want dhcp to run on the lan side but everytime i enable it, i cant get to the UI of pfsense anymore.
Makes sense?
RJ -
I run dhcp on my pfsense, and it provides IPs for ALL devices on my LAN. This interface has been enabled since pfsense was installed.
What your saying doesn't make any sense - enabling dhcp has NOTHING to do with the web gui of pfsense.
How are you access the web gui now? Via what IP and from what client? You say your enabling the lan interface?? Can I please see a screen shot of your interfaces and what IP do you access the gui on now? Your accessing it via 172.16.1.xxx – why hide the last octet btw, that is a PRIVATE IP and not routable via the public net - there is NO security concerns with giving out this info.
You say that is your WAN IP in pfsense. That is not how you would normally access the gui, you would have to allow for special firewall rules to access gui via WAN interface -- since default firewall rules would block all inbound traffic and block private networks.
So what rules do you have in place?
edit: If your LAN network is 10.0.0.0/24 with pfsense on 10.0.0.1, then your client your accessing pfsense from would also be on this 10 network, not on the 172.16 network. Your not setup like me if your access pfsense web gui on 172.16 wan address that is for sure. I access everything on pfsense via its lan interface. Are you changing lan from dhcp to static? And your lan was dhcp before and its getting an IP from something else? Your router??
What is your settings for your lan when it works and you can access the gui?