Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Cidr setup for LAN clients and server hosts

    Scheduled Pinned Locked Moved Routing and Multi WAN
    2 Posts 2 Posters 1.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rstaylor
      last edited by

      Hello all… A new user here to PFSense who is blown away by the power of this software. I have a question about the correct way to setup Cidr for our needs...

      Using Pfsense 2.1 (beta I know) the IP from our provider Cox is:  (Ip's changed slightly for posting in the forum)

      Wan IP: 68.13.201.235
      Wan subnet: 255.255.255.128
      Wan Gateway: 68.13.201.129

      Cidr Block info:

      Cidr IPs: 174.75.85.224/27 (32 IPs)
      Cidr Netmask: 255.255.255.224
      Suggested Gateway: 174.75.85.225
      First Usable IP: 174.75.85.226
      Last Usable IP: 174.75.85.254

      So I have my WAN interface configured with the 68.13.201.235 IP and 68.13.201.129 gateway and I am 99.9% certain all is correct there.

      Where I am having trouble is on setting up the LAN and OPT interfaces correctly.  I have 40 workstations getting IPs in the 10.0.0.1-100 from a DHCP server (not pfsense but in the 10.0.0.0 range). I also have a couple of servers that are statically configured with some the higher IP's in the 174.75.X.X Cidr block.

      After fumbling around, I have managed to get the workstations flowing in and out to the internet but I cannot seem to get the servers with the static Cidr addresses working. I am certain I have bungled the NAT configuration (currently set to manual btw). I have searched through the forum here, and have partially read through the pfsense book. But I still seem not to get the grasp of how to configure the Cidr block correctly for both the LAN and the static servers

      In the end, what I would like to have is all of the workstations going in and out through the first usable Cidr address of .226 and the servers going through their own static ips from the higher addresses in the Cidr block. One last curve, I cannot change the ip configuration on these static servers at all - they have been statically assigned long ago and were working with the previous firewall which took a dump on us.

      Can anyone spare a moment to help an enthusiastic, competent user who is still a pfsense noob who would very much appreciate some guidance?

      Thanks,
      Robert

      1 Reply Last reply Reply Quote 0
      • H
        heper
        last edited by

        i don't know the exact details but i guess you should assign a VIP (the .226 ) to your LAN interface.
        then disable NAT for the cidr range but keep it enabled for the 10.0.0.x range ?

        see:
        http://doc.pfsense.org/index.php/How_can_I_use_public_IP%27s_on_the_LAN%3F

        also: don't try this on a production system … i have no clue if what i'm saying is correct

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.