Netgate Discussion Forum

    Possible to receive DHCP broadcasts from WAN on LAN?

    Firewalling
      mojo-chan

      I was wondering if someone can help me. I want to be able to receive DHCP broadcasts through the WAN interface, so I can monitor them on a PC on the LAN.

      Basically I have this set-up:

      cable ISP -> modem -> pfSense -> multiple PCs with static IPs

      When the ISP sends out DHCP broadcasts I want to be able to capture them. This is possible with a tool like DHCP Force when connected directly to the modem with no firewall, but obviously this is quite suicidal :-)

      I tried adding rules to the firewall to allow DHCP UDP packets on ports 68 and 69 from 0.0.0.0 and to 255.255.255.255 but it does not seem to work. Is it possible at all?

      PS. I am on RC2 embedded running from a compact flash disk. I know it's old, but it works and has been stable for over a year so I didn't upgrade. If upgrading would help, I can do it.

        GruensFroeschli

        Do I assume correctly that you want "some" IPs from your ISP on your LAN, but the normal users stay within the LAN subnet?

        If you have static IPs from your ISP you can use VIPs
        and 1:1 NAT then to your clients.

        If you only want IPs from your ISP on your WAN you can bridge LAN with WAN and use a filtering bridge setup.

        We do what we must, because we can.

        Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

          mojo-chan

          Ah yes, I see. Thanks for that, I'll give it a go.

            cmb

            You can't pull multiple IPs from DHCP to use as VIPs, so that won't work if you have to get them via DHCP. The only way you can get leases from your ISP behind your firewall is to bridge an OPT interface to WAN and put the machines that need the public IPs on that interface.

              mojo-chan

              cmb: Actually, I don't need leases at all. I just want to monitor the DHCP traffic and record it with DHCP Force or a similar tool. I think you are right though, setting up an OPT interface and bridging it is the only option.

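As an added example (not part of the thread, and unrelated to how DHCP Force works internally): a small Python decoder for what a monitoring PC on the bridged interface would see in each DHCP broadcast. It assumes the capture tool hands over the raw UDP payload from ports 67/68; the function names are hypothetical and the sample packet with its addresses is constructed.

```python
import struct

MAGIC = b"\x63\x82\x53\x63"  # DHCP magic cookie, follows the 236-byte BOOTP header
TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 4: "DECLINE",
         5: "ACK", 6: "NAK", 7: "RELEASE", 8: "INFORM"}

def dotted(b):
    return ".".join(str(x) for x in b)

def parse_dhcp(payload):
    """Decode one UDP payload (ports 67/68); raise ValueError if malformed."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    hlen = min(payload[2], 16)                      # chaddr field holds 16 bytes at most
    xid, _secs, flags = struct.unpack("!IHH", payload[4:12])
    opts, i = {}, 240
    while i < len(payload) and payload[i] != 255:   # 255 = end option
        if payload[i] == 0:                         # 0 = pad, has no length byte
            i += 1
            continue
        if i + 2 > len(payload) or i + 2 + payload[i + 1] > len(payload):
            raise ValueError("truncated option")
        opts[payload[i]] = payload[i + 2:i + 2 + payload[i + 1]]
        i += 2 + payload[i + 1]
    mtype = opts[53][0] if opts.get(53) else 0      # option 53 = message type
    return {
        "type": TYPES.get(mtype, "UNKNOWN"),
        "xid": xid,
        "broadcast": bool(flags & 0x8000),
        "yiaddr": dotted(payload[16:20]),           # address being offered/assigned
        "chaddr": ":".join(f"{x:02x}" for x in payload[28:28 + hlen]),
        "server_id": dotted(opts[54]) if len(opts.get(54, b"")) == 4 else None,
        "lease_secs": struct.unpack("!I", opts[51])[0]
                      if len(opts.get(51, b"")) == 4 else None,
    }

def sample_offer():
    """Constructed sample: DHCPOFFER from a server at 192.0.2.1 (documentation range)."""
    p = struct.pack("!BBBBIHH", 2, 1, 6, 0, 0x1234ABCD, 0, 0x8000)
    p += bytes(4) + bytes([192, 0, 2, 50]) + bytes(8)   # ciaddr, yiaddr, siaddr + giaddr
    p += bytes.fromhex("020000000001") + bytes(10)      # chaddr padded to 16 bytes
    p += bytes(192) + MAGIC                             # sname + file, then the cookie
    p += bytes([53, 1, 2, 54, 4, 192, 0, 2, 1, 51, 4]) + struct.pack("!I", 3600) + b"\xff"
    return p

if __name__ == "__main__":
    print(parse_dhcp(sample_offer()))
```

Logging the `server_id` and `chaddr` of every decoded message gives a record of which DHCP servers are answering on the segment and which clients they are answering.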
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.