DHCP dosnt seem to work on lan cards

ray167

Hi ,

I have recently installed PFsense on a watch guard x750e  and I am trying to get the interfaces working to hook up my other stuff like tv and av unit to it. The issue I am having is when I assign a nic card and activated and then hook up a cable to it, the device on the other end dosnt get an IP address. I have the IPV4 set to DHCP in pfsense, and also assigned a rule in the firewall section for the nic. No matter what I do though pfsense does not hand out an IP address to lets say my TV. Is their a step  I am missing here? I would appreciate any help I can get.

Thanks

P.S my router that is connected as a AP to the LAN nic works just fine. Everything that connects to the wireless AP is assigned an IP address with no issue.

phil.davis

What did you do after assigning the devices on the WatchGuard?
Are you
a) having each NIC as a separate LAN, with a separate IP address/subnet?
or
b) bridging all the NICs to make a single LAN?

In case (a) then you will have to enable DHCP Server and give a pool of addresses for each interface.
Even without firewall rule/s on the interface, when you enable DHCP Server on an interface, pfSense adds the necessary rules to allow clients to make DHCP requests to ports 67/68.

ray167

Phil,

I am on the A scenario. Ill just write a little step by step description.

1. I assign an interface to a nic
2. I go to the setup page of the the NIC and enabled.
3.I give it a static IP such as 192.168.1.3 on the IPV4 Config
4. I save then apply changes
5. I go the dhcp server and enabled on the newly assigned NIC
6. I input a range of IP addresses usually around 10
7. I go to my laptop and try to connect, it apparently gets assigned an IP address but I cannot reach pfsense when I type in its IP address nor can I reach internet.

I have also put in a rule in the firewall for basically any connection and I still dont seem to be able to reach the internet or the firebox through my laptop on any of the newly assigned NICs.

I would appreciated some input or other methods making the new connections work

Thanks

phil.davis

You did not mention adding a firewall rule on OPTn to pass any traffic:
Step 6a. Firewall->Rules, OPTn tab. Add a rule to pass protocol any source OPTn net destination any

And hopefully you are giving each NIC/interface an IP in a separate subnet, e.g.:
192.168.2.1/24
192.168.3.1/24
192.168.4.1/24
192.168.5.1/24

ray167

Thanks for the info Phil, I was adding the rule in the firewall, unfortunately with my lack of knowledge on internet protocols I was putting in the same IP but with the last digit being different. DHCP is now giving out IP to every NIC on the X750e, but I still cannot get internet on any of them except for the LAN. I made sure that the other nics have the same settings as LAN and also the same firewall rules, but seems to make no difference. Am I missing something else here?

Thanks

phil.davis

On each Firewall Rules interface tab (OPT1, OPT2…) you need a rule to allow traffic arriving on that interface. You can make a pass everything rule, do it the same on OPT1, OPT2...:
Pass protocol all, source any, destination any

Or you can make slightly different rule on each:
On OPT1 - Pass protocol all, source OPT1net, destination any
On OPT2 - Pass protocol all, source OPT2net, destination any
On OPT3 - Pass protocol all, source OPT3net, destination any
On OPT4 - Pass protocol all, source OPT4net, destination any

Post your rules if you are stuck.

ray167

Hi Phil,

After changing the TCP to any I got the NIC to work. Should have done it earlier but I just went with what was written under the drop down menu. Now I am also having an issue with having different devices like the TV, xbox, and AV unit communicating with my pc and vice versa. I cannot even ping anything from one NIC to the next. I have enabled UPNP and  NAT PMP hoping that I can get everything to communicate with each but no hope their. I have read on some other posts that by default all NICs should be able to communicate with each other, so I was wondering if their is more firewall rules that need to be set.

Thanks Phil

ray167

Ok so I finally got my devices to communicate with each other. I read some posts about bridging network cards together and that did it for me. This is what I did:

1. Created a bridge and bridged all my NICs to LAN
2. I went through all NICs and disabled the DHCP sever for them except for the LAN NIC
3. Set firewall rule to pass and source any and destination any

I have not tested all me equipment but I am pretty sure they all work and see each other on the network. I have also kept UPNP and NAT PMP enabled so this may also be needed to have all devices on the network see each.

bryan.paradis

@ray167:

Ok so I finally got my devices to communicate with each other. I read some posts about bridging network cards together and that did it for me. This is what I did:

1. Created a bridge and bridged all my NICs to LAN
2. I went through all NICs and disabled the DHCP sever for them except for the LAN NIC
3. Set firewall rule to pass and source any and destination any

I have not tested all me equipment but I am pretty sure they all work and see each other on the network. I have also kept UPNP and NAT PMP enabled so this may also be needed to have all devices on the network see each.

Was going to say putting them on a bridge for the lan would be the idea unless you want something else specific. Glad you got it working. Unless I am extremely foggy today it shouldn't require anything other then just setting those extra nics into the lan bridge to get you going.

ray167

@bryan.paradis:

@ray167:

Ok so I finally got my devices to communicate with each other. I read some posts about bridging network cards together and that did it for me. This is what I did:

1. Created a bridge and bridged all my NICs to LAN
2. I went through all NICs and disabled the DHCP sever for them except for the LAN NIC
3. Set firewall rule to pass and source any and destination any

I have not tested all me equipment but I am pretty sure they all work and see each other on the network. I have also kept UPNP and NAT PMP enabled so this may also be needed to have all devices on the network see each.

Was going to say putting them on a bridge for the lan would be the idea unless you want something else specific. Glad you got it working. Unless I am extremely foggy today it shouldn't require anything other then just setting those extra nics into the lan bridge to get you going.

I did try to just bridge everything and setup rules but that didnt work for me. I read on another thread here that I should disable DHCP server on all NICs except for LAN and that did the trick.