I was just starting with initial configuration and I chose "Set interface(s) IP address". I was configuring the LAN. It asked me the address I wanted for the LAN and I gave it one. It then asked me the gateway for the LAN. I'm trying to imagine a case where the two are not the same, but I can't think of one. Can someone give me an example? Just curious…
doktornotor Banned last edited by
There should be no gateway set for LAN normally.
If so, then why is the question asked?
It appears my first reaction to the question, to make the two the same address, is incorrect. My searches about it (including looking in the pfsense book) did not enlighten me. I don't know, but maybe this is an indication some work is needed in that area…
phil.davis last edited by
Hmmm - the installation wizard should ask for WAN settings, including a gateway address if you give WAN a static IP. And a LAN IP/netmask, which normally you enter a static IP that will become the gateway address for the LAN client.
Normally I can click through it all quite easily and get a working front end WAN to the internet and back-end private LAN in a couple of minutes.
Can you tell us what questions it asked, in what order, and what answers you gave?
I'm not talking about the wizard in the web configurator, but the option 2 in the menu on the console after you boot the system.
- Set interface(s) IP address
that should be used by people that actually understand what they are doing ;)
You should be using the web gui! ;)
Its not that hard - you will get the hang of it.
Just remember - LANs get static IPs in different subnets.
use a /24 to begin with for those and activate DHCP on LAN (most likely)
Netmasks of 255.255.255.0 (very basic)
WANs should be set to get an IP via DHCP. No static IPs. (That doesn't mean activate DHCP on WAN)
If you really screw up bad, just reinstall - easy.
Um guys, I may not be a network guru but I've managed to pick up a few things since 1969 (when I started working on computers). :)
I was just wondering why it asks for a gateway on the lan, and how that would ever be different than the address of the lan interface. Perhaps there is some uncommon network configuration I am unaware of? Or maybe the same code is used for WAN and LAN side and the question is just superfluous on the LAN side?
Mostly is doesn't matter, now that I know to leave it empty, but I'm still curious.
Its just giving you choices incase you want to create non-standard configurations. Some people create LANs that are simultaneously WANs and other such weird as can be and I would never ever do configurations. Believe me - I've tried to talk people out of doing some pretty strange stuff but some people apparently have needs and actual uses for weird configs.
I don't - At least I haven't yet. Pfsense will let you create all kinds of convoluted networks if you want to, need to, or just like to play.
^ exactly.. Think of it this way - what makes it lan or wan interface? To pfsense its just interface - if it had a gateway then could be seen as wan. No gateway - then lan.
Every os I have ever seen has a place or asks you for a gateway on interfaces. Either you have one or you don't have one.. But the question still has to be asked.
Pfsense doesn't ask you in the "wizard" to keep people that don't know what a gateway is in the first place from scratching their heads or asking questions about gateways on the forum.
So you have been working with computers since I was 4 years old and you don't understand the concept of a "gateway"? Really?
Does the gateway box in windows magically disappear if windows magically figures out this is a lan network and doesn't need or have use for a gateway? Why does windows call it a default gateway - if I have more than 1 interface, clearly 1 of them would just be a gateway and 1 would be a default.. But the box says "default" on it ;)
The console menu method for assigning IP info must have the gateway option available. Often people using that method are doing so because the webgui is unavailable, for whatever reason, and entering a gateway may be necessary. About the best that could be done is to add wording to the menu warning against entering a gateway on a LAN interface.
^ while you can try that - you still have to deal with
Ha! Evolution in action. :P
For a machine that is not a gateway, it makes perfect sense to ask the user what the address of the gateway is. For the machine that IS the gateway, it doesn't make a whole lot of sense. Then it just becomes a convention. The convention apparently used here is "leave it blank on the lan" which really means "leave it blank when you are the gateway". But it could just as easily have been, "set it to your own address", and it makes some sense since that is the address of the gateway on that net. Either one could be interpreted as "this is the gateway".
But hey, John, don't let me get in the way of you having your fun.
So - Joking insults aside, what was the first computer you played with in the 60's? Inquiring (old) minds want to know…
It's more than a convention. What you are entering in that box is gateways for pfSense to use that are on that interface. For a WAN interface that will be the upstream gateway, usually your ISP but could be a modem if you're double NATing. For a LAN interface it will usually be left empty because there are no gateways on the LAN network that the pfSense box can use. But that's not always the case. If you have another router on the LAN side and it has another subnet behind it that pfSense will use that router as a gateway to the other subnet. Without it packets addressed to the other subnet will have no route. In that case you must enter the downstream router as a gateway on LAN.