Install and configured (non-working internet)
-
Hey all I am new with setting up pfsence and need some help.
I have attached some images to my post of my current setup. Basically I installed version 2.2 without any issues but not sure how to configure it after that.
My setup consists of:
Atom motherboard http://www.miniboard.cn/en/ProductShow.asp?id=198
8 LAN ports
4gb ddr3 ram
128 gb ssdPer my attached screenshots it seems I only have eo1 enabled with an address (lan) while the WLAN has no ip.
The WLAN port is hooked to a UniFi
AP-AC via Poe Ethernet connected to en1(first orange cable next to blue cable). The LAN is connected to en0(blue cabled) which is my fiber optic internet line. The other Ethernet ports will just be hooked to a gigabit switch.Could someone give me some step by step guide to setting this up for my particular setup?
-
why would you need so many lan ports, are you going to have a lot of segments? Are you going to lagg them?
"The LAN is connected to en0(blue cabled) which is my fiber optic internet line"
Why would you connect your LAN to your internet? That would be the WAN interface of pfsense.
-
why would you need so many lan ports, are you going to have a lot of segments? Are you going to lagg them?
I was looking around the forum before i purchased hardware for the PFSense and this motherboard was talked about a lot as being the best to use since it had so many Intel LAN ports. I really have no idea why it was but it was recommended so i bought it. I figured having 7 ports connected to my switch would be better than one to the switch.
"The LAN is connected to en0(blue cabled) which is my fiber optic internet line"
Why would you connect your LAN to your internet? That would be the WAN interface of pfsense.
You're correct. I don't know what i was thinking… I did find out that the Ethernet port that's all alone (the one with the blue Ethernet cord) did not work. I'm guessing thats because it may not be part of the intel ports all other 8 are.
Hooking the internet line up to em0 and the other em1 to a switch then from the switch to my testing PC worked. However, i am not getting any internet connection. I can log into the pfsense just fine but was unable to surf to like google.com.
My WAN ip is the IP from my internet provider xxx.xx.xxx.xxx and i setup my LAN with 7.7.7.1.
-
My WAN ip is the IP from my internet provider xxx.xx.xxx.xxx and i setup my LAN with 7.7.7.1.
So you're setting this up for the US DoD?
NetRange: 7.0.0.0 - 7.255.255.255
CIDR: 7.0.0.0/8
NetName: DISANET7
NetHandle: NET-7-0-0-0-1
Parent: ()
NetType: Direct Allocation
OriginAS:
Organization: DoD Network Information Center (DNIC)
RegDate: 1997-11-24
Updated: 2006-04-28
Ref: http://whois.arin.net/rest/net/NET-7-0-0-0-1Why not just leave it at the default of 192.168.1.1. It was ALL set up to work out-of-the-box and you had to go mess with it.
-
…
I figured having 7 ports connected to my switch would be better than one to the switch.
...?? What are you constructing ??
-
What screenshots would you need to see from my setup in order to determine where i am not setting up something correctly?
-
" i setup my LAN with 7.7.7.1."
Dude - that is just WRONG.. unless you own public IP space you should be using rfc1918 on your lan. If you don't like the default 192.168.0.0/24 then use any of the other of millsions of networks you could use 10.x.x.x/? 192.168.x.x/?, 172.16-31.x.x/?
You can not just pick some random public IP address range ouf of thin air and use it..
And again why would it be better to have 7 to your switch vs 1? Again are you going to be lagging them, do you plan on having more than 1 segment, do you even know what a segment/vlan is? Do you have a switch that supports vlans?
Yes I would love a board that has 8 nics to use as a router - but don't really need that many in most setups.. Could of saved some bucks if you don't have use of that many nics. Ethernet ports in nic cards are not switch ports!!!
-
What screenshots would you need to see from my setup in order to determine where i am not setting up something correctly?
Software pfSense tab-pages, specifically from 192.168.9.1 :80 ?, preferably from 192.168.1.1 :80
- Interfaces: Assign network ports
- Status: Interfaces
- Interfaces: WAN
- Interfaces: LAN
[Or maybe your hardware of 7 switches(16) for 7 LAN's for 105 workstations or the like.]
-
More importantly, is that a picture of Chef Emeril Legasse in the last two images?
-
More importantly, is that a picture of Chef Emeril Legasse in the last two images?
lolz i had to zoom into the photo priceless ;D
-
Seven LAN ports…BAM!
;) -
Would those who are serious here on this forum to help others please PM me so that I can not waste my time reading stupid reply's that help me 0% to my original question for help. Thanks.
-
Reset to factory.
Configure your WAN.
Leave LAN at default.
Plug a computer into LAN.
You'll be online.
Then add one system at a time. No need to fart around with a wireless access point if you don't have working internet yet.
-
Reset to factory.
Configure your WAN.
Leave LAN at default.
Plug a computer into LAN.
You'll be online.
Then add one system at a time. No need to fart around with a wireless access point if you don't have working internet yet.
Thanks for the helpful advice, Derelict.
Now what do i need to set the other LANs 3-8 to/as so that it mimics like LAN 2 is currently set to?
-
How am I supposed to know what LAN 2 is currently set to?
Assign the interface
Edit the interface, assign an IP address/subnet
Edit DHCP to match
Create firewall rules -
How am I supposed to know what LAN 2 is currently set to?
Assign the interface
Edit the interface, assign an IP address/subnet
Edit DHCP to match
Create firewall rulesLan2 is set to 192.168.1.1 (static) (with a DHCP range from 192.168.1.10 to 192.168.1.254 with submask set to 255.255.255.0).
So I am guessing that Lan3-8 should be something like this:
Lan3 set to (static) 192.168.1.2
Lan4 set to (static) 192.168.1.3
Lan5 set to (static) 192.168.1.4
Lan6 set to (static) 192.168.1.5
Lan7 set to (static) 192.168.1.6
Lan8 set to (static) 192.168.1.7Would that be correct? I tried a few things last night but once i unhooked LAN2 (but still had LAN3 connected) it didn't seem to have internet nor admin panel connection any longer.
-
So I am guessing that Lan3-8 should be something like this:
Lan3 set to (static) 192.168.1.2
Lan4 set to (static) 192.168.1.3
Lan5 set to (static) 192.168.1.4
Lan6 set to (static) 192.168.1.5
Lan7 set to (static) 192.168.1.6
Lan8 set to (static) 192.168.1.7Why are you guessing anything? There's no guessing involved in this field. It's all standards-based with precise rules on how you do things. You will need to understand IP subnetting to make this work.
Lan3 set to (static) 192.168.2.1
Lan4 set to (static) 192.168.3.1
Lan5 set to (static) 192.168.4.1
Lan6 set to (static) 192.168.5.1
Lan7 set to (static) 192.168.6.1
Lan8 set to (static) 192.168.7.1 -
Do you even have one LAN port passing traffic to WAN yet? I haven't seen a posting indicating that is the case yet.
Have you read the basics of how to write firewall rules? Do you have any understanding of IP routing?
If not, connecting and trying to bring up all 6 other interfaces is going to do nothing but make your pfSense firewall an over-complicated mess. You've got to walk before you run.
Work on getting the interfaces up one at a time. No, 7 is not better than 1, it's just more complicated and prone to failure if you don't know what you're doing (and why you're doing it).
pfSense is not a switch, its a firewall.
-
I am with almabes here - why are you trying to bring up all of the interfaces at once?? Get your 1 wan and 1 lan working - then play with the others. Do you even have a smart/managed switch that will allow you to run all those other segments 192.168.6, 192.168.7 etc..
Or you do you plan on running 7 different segments over the same physical wire?
-
Can you draw out what you want your network to look like? I'm much better with visuals than text descriptions.
If you're going to set up a network that has a WAN, LAN, and WiFi, you only need three ports. If your switch is a layer 3 switch, you could create VLANs on your LAN, but that's only if the switch will support it. Otherwise, those additional NICs will sit unused. There is no technical advantage to having more than one NIC on your switch, and it can actually cause problems if you misconfigure something (like not properly creating VLANs and firing up two DHCP servers).
So if you can help me understand what you want to do, it'll be easier for me to get you there.
