Assign IP by DHCP server from lan to opt1



  • My network is like this

    Internet–->Adsl modem(bridge)-->Pfsense -->Lan--> Domain controller with DHCP server
                                                      |
                                                      -----> Lan ---> 20 Clients
                                                      |
                                                      ------> DMZ zone ---> Antivirus server , Email server

    1.I want my client get ip from my DHCP server through pfsense
    2.How can i make my client connect with antivirus server

    What i have to do?

    I'm new to pfsense

    I already try to search but no exactly match

    Ps. Sorry for my language i'm not native



  • Your going to have to setup DCHP Relay on your PF box.  Services | DHCP Relay



  • You have two LANs pictured as separate interfaces. How are you doing this - LAN and OPT1, bridged, … ???
    For the LAN clients setup a DHCP relay as pointed ot before.

    The DMZ can be reached by rules defined on the client's LAN interface.

    @mubin:

    Internet–->Adsl modem(bridge)-->Pfsense -->Lan-->
                                                      |
                                                      -----> Lan --->

    Provide some more infos here.



  • Internet–->Adsl modem(bridge)-->Pfsense -->Lan--> Domain controller with DHCP server
                                                      |
                                                      -----> Opt1 –-> 20 Clients
                                                      |
                                                      ------>Opt2 –-> Antivirus server , Email server

    Sorry my bad
    1.I want 20 clients and Domain controller can download definition from antivirus server
    2.I want 20 clients get ip from dhcp server

    what i have to config in  opt1 and opt 2 interface?

    thank you



  • Why do you want to separate the DC from the clients? Are they doing more than just serving the client LAN?

    First goto  Services | DHCP relay  and define the DHCP server redirection.
    At  Firewall | Rules you will want some rules on the OPT1 tab to allow traffic from client side to server LAN and to OPT2 with your services.
    And rules for those OPT2 computers have to be defined, of course.
    If your DC has to access WAN then those rules want to be configured as well…



  • Ok i understand but only one thine left

    How do i config interface OPT1 and OPT1
    Example Ip configuration Static Dhcp

    Something like that i don't quite understand with that option

    I very new Sorry if my question look annoy

    Thank for help



  • @mubin:

    Example Ip configuration Static Dhcp

    Didn't you want to receive DHCP leases from your DC?
    That way you don't have to configure static leases in pfSense but with your DC's DHCP server.

    Are you sure you know what you want?



  • I have 192.168.25.2 at lan interface and everything work fine
    but when I enable opt 1 I already enable DHCP relay on opt1 and point to my DHCP server at DC in lan interface and set rule to pass all from lan to opt1
    and pass all from opt1 to lan when i
    question is
    1.  DC cannot assign DHCP from lan to opt1

    so i try to enable DHCP server from Pfsense itself but pfsense didn't Assign to opt1 client

    Now i don't know what to do please help?



  • Tell us what subnet (and mask) is on which interface and where the DHCP servers are located at and which client range they are supposed to deliver.
    Maybe that gives a meaningful picture further advise can be given on.



  • DC in Lan interface and IP= 192.168.25.1/24 and pfsense 192.168.25.2/24

    Opt 1 I want Dc to assign ip range 192.168.25.30 - 192.168.25.50 /24

    That all



  • Then you have your LAN and OPT1 on the same subnet.
    This can be done easier with a switch. You don't have separate networks anyway.

    Or follow this thread: http://forum.pfsense.org/index.php/topic,6734.msg38871.html#msg38871



  • OK if it in differnet subnet what do i have to do?



  • You should know what you actually need, maybe we can provied some help then.
    Just because it can be done doesn't mean it has to be done!

    Why would you want to separate your DC from the LAN clients? You would have to create firewall rules to allow traffic back and forth anyway. If not, then it's not your DC any more and if you do, the separation doesn't make any sense. At least with the information aboout your network we got so far (1 DC and 20 DHCP clients) this is not desirable to do.
    KISS is your friend! (http://en.wikipedia.org/wiki/KISS_Principle)


Log in to reply