Odd DHCP Behavior?



  • Hello,

    Another issue that I am seeing with PFsense is that it will hand out an IP address to the client. But, the client cannot ping the router interface (192.168.1.1) nor can it ping to the outside IP… But, it can ping a printer on 192.168.1.22...

    I have released / renewed the ip, flushed the dns and still this behavior happens. Other machines on the network have no problems with the dhcp handing them information and working correctly. This is sporadic and hits different machines around the network.

    thought it was a faulty NIC or something of that nature... replaced the NIC with an Intel card and still experience the same issues.

    Just an FYI the SM is 255.255.240.0 and my scope for DHCP is from 192.168.1.100 - 192.168.2.250

    Is this just more than PFsense can deal with ? I really don't think so as  Iam a firm believer in its power.

    Thank you
    Kell



  • What rules do you have for that interface?



  • The only rules on the system is to port forward from the WAN to 443 and 8080 to an internal server. Other than that, just a base install of pfsense.

    Thank you
    Kell



  • I'm guessing the machine and the printer are behind a switch?

    Do you have a rule on the lan to allow traffic outbound?



  • Yes, the machine and the printer(s) are all behind the switch.

    I never setup a rule for outbound traffic. I do a general install of pfsense, configure the LAN and WAN interfaces and traffic flows out without any issues.

    Thank you for the help!

    Kell



  • Still having problems as stated in the first post… anyone? any other ideas?

    Thank you
    Kell



  • Is there some other rogue device that comes on the network from time-to-time with address 192.168.1.1 - if that happens then sometimes some systems will find the MAC of that device when they use ARP to find 192.168.1.1
    Do "arp -a" on a machine that is working and note the MAC address associated with 192.168.1.1 - should be the MAC address of pfSense LAN NIC.
    Do the same thing when a machine is not working and see what MAC address it think is 192.168.1.1

    Having pfSense LAN at 192.168.1.1 on a reasonable-sized network is a risk, because there are likely to be people setting up devices and quite often those devices default to 192.168.1.1 when first powered on.