Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Problems with static IP setup

    Scheduled Pinned Locked Moved Firewalling
    9 Posts 4 Posters 2.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      dbphoto84
      last edited by

      Hello I have some issues with static IP setup/firewall. I believe I may have a basic problem here that someone with much more networking knowledge can answer.

      My ISP has given me the following:
      Network Address: XX.XX.XX.40
      Default Gateway : XX.XX.XX.41
      Available Address(s): XX.XX.XX.42 thru XX.XX.XX.46
      Network Mask: 255.255.255.248

      IP Address .42-.45 seem to work but .46 will NOT work. I have them all setup as virtual IPs. All the other addresses work, .42 is assigned to pfsense. I have pfsense set to static IP XX.XX.XX.42/29.

      What can I check? I'm getting every port blocked for IP .46

      ~ Dave

      1 Reply Last reply Reply Quote 0
      • P
        phil.davis
        last edited by

        The information you give looks good - xx.xx.xx.42/29 should give a subnet from xx.xx.xx.40 to xx.xx.xx.47 - .40 will be the unused "network" address at the bottom, .47 is the subnet broadcast address at the top. The ISP has allocated .41 as the gateway and you should be able to use .42 to .46 as valid WAN addresses.

        I have them all setup as virtual IPs.

        I don't think they can all be virtual IPs - 1 of them will be your real WAN IP, but they should all be useable as public IPs.
        What did you use for your real WAN IP?

        As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
        If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

        1 Reply Last reply Reply Quote 0
        • D
          dbphoto84
          last edited by

          Thanks Phil, Real WAN IP is the .42… Still can't get it to pass traffic for .46 - all other IPs work.. Anything else to check?

          1 Reply Last reply Reply Quote 0
          • P
            phil.davis
            last edited by

            I am struggling to think of a good suggestion - when .42 .43 .44 .45 all work and .46  does not. Others feel free to give input. Or take the easy path and blame the ISP? :)

            As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
            If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

            1 Reply Last reply Reply Quote 0
            • K
              kejianshi
              last edited by

              Call up the ISP screaming and cursing.  If you lack much 4 letter vocabulary, let me know.  I can suggest a few words.
              2^(32-29) - 2 = 6 usable hosts

              I can't imagine why its not working.

              1 Reply Last reply Reply Quote 0
              • M
                muswellhillbilly
                last edited by

                Assuming for a moment that it's not the ISP (which it may well be!), I can think of one or two notions. This sounds like one of those 'slap the forehead' moments I have when setting up something relatively simple and finding it doesn't work. Can you verify that the .46 VIP is set up exactly the same as the others that work? Has it been set up as an IP alias, or some other type (CARP, Proxy ARP, etc)? If you open up an SSH session, try running "ifconfig | more" and have a look at the network addresses listed. Do all the VIPs show up correctly and bound to the same NIC? Here endeth my 2-cents-worth.

                Thought number 3: Although I can't verify this, maybe there's a maximum number of VIPs that can be assigned to one NIC? A possible way to test this theory is to remove one of the existing VIPs and re-enter the .46 VIP. If it works when another VIP is removed then maybe this is the answer.

                1 Reply Last reply Reply Quote 0
                • P
                  phil.davis
                  last edited by

                  2^(32-29) - 2 = 6 usable hosts

                  and the ISP uses one of those as the gateway, leaving 5 usable hosts for the customer.

                  As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
                  If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

                  1 Reply Last reply Reply Quote 0
                  • K
                    kejianshi
                    last edited by

                    Yep…

                    "Default Gateway : XX.XX.XX.41"
                    "Available Address(s): XX.XX.XX.42 thru XX.XX.XX.46"

                    Later I expect to hear "Thanks for all the help.  I found the problem.  I typo-ed a setting"
                    But assuming no typo, I don't know why its not working.

                    1 Reply Last reply Reply Quote 0
                    • M
                      muswellhillbilly
                      last edited by

                      Another silly, but possible answer: Are you sure that .46 isn't being used already by another host? Try pinging the address, or possibly running a non-ping nmap scan to see if it shows up.

                      1 Reply Last reply Reply Quote 0
                      • First post
                        Last post
                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.