DHCP client Internet connection problem



  • Hi Guys,

    My LAN network address is 10.10.10.0/23 and I have DHCP server enabled so that all clients get their IP's from pfSense however I have some problems with regards to internet connection. If the dhcp assigned ip is in the 10.10.11.1 - 10.10.11.254 range, they don't have any internet connection however if the client dhcp assigned ip is in the 10.10.10.1 - 10.10.10.255 range I don't have any problem.

    Anybody experiencing this? Any ideas why and how to resolve this?

    TIA

    Jan



  • How does your Firewall-rule on LAN look like?
    Do you allow the 10.10.11.x range?



  • Jan has a /23 network where 10.10.11.1 - 10.10.11.254 is within the subnet range.

    Network:    10.10.10.0/23
    Broadcast: 10.10.11.255
    HostMin:    10.10.10.1
    HostMax:  10.10.11.254



  • Yes but if he had a /24 first and then changed to /23 and forgot to change the Firewallrule accordingly he will still allow the 10.10.10.x range but not the 10.10.11.x range :)



  • @GruensFroeschli:

    How does your Firewall-rule on LAN look like?
    Do you allow the 10.10.11.x range?

    LAN net to any is my rule so it doesn't matter which range, right?



  • @GruensFroeschli:

    Yes but i he had a /24 first and then changed to /23 and forgot to change the Firewallrule accordingly he will still allow the 10.10.10.x range but not the 10.10.11.x range :)

    This is what exactly happened, the first cidr was /24 then changed to /23 but what I can't figure out is I have a default to any from LAN rule, why is it that the other range doesn't have internet connection.



  • What is the source in your access rule?
    Is it of type: LAN subnet  or  Network?



  • @jahonix:

    What is the source in your access rule?
    Is it of type: LAN subnet  or  Network?

    Source is LAN Subnet



  • Is the subnetmask your clients get assigned via dhcp correct?

    Try to use any as source in your firewallrule at lan. Does it work now?

    If not go to firewall>nat, outbound. Do you run the automatically assigned settings? If yes, try switching to manual outbound nat. Then change the autocreated rule to source 0.0.0.0/0 (which means everything). Does it now work?



  • @hoba:

    Is the subnetmask your clients get assigned via dhcp correct?

    yes, they are all assigned by pfSense dhcp server.

    Try to use any as source in your firewallrule at lan. Does it work now?

    Still not working

    If not go to firewall>nat, outbound. Do you run the automatically assigned settings? If yes, try switching to manual outbound nat. Then change the autocreated rule to source 0.0.0.0/0 (which means everything). Does it now work?

    Still not working.. weird I even tried source as Network then declared 10.10.10.0/23 with futile results.



  • And I would like to add that clients that begins with 10.10.11.xxx can't resolve hostname via TinyDNS while 10.10.10.xx can. Weird!  ???



  • Time to sniff to find out where the traffic goes.



  • @hoba:

    Time to sniff to find out where the traffic goes.

    I replicated the same issue on another machine with a different set of NIC's , is this a bug? Anyways I went back to /24 and to serve the other machines I installed a router.



  • @jan:

    @hoba:

    Time to sniff to find out where the traffic goes.

    I replicated the same issue on another machine with a different set of NIC's , is this a bug? Anyways I went back to /24 and to serve the other machines I installed a router.

    I reinstalled for the nth time and did some test regarding network addresses, if network address is 10.10.10.x/24 it works but if 10.10.10.x/23, bottom half of the subnet cannot connect to the internet. If network address is 192.168.x.x series whether it's /24 or /23 , all clients can connect to the net. I wonder why, it's just simple routing.


Log in to reply