Get DHCP from Router not pfsense

Hadesskywalker · Oct 19, 2015, 7:46 PM

Hi, I'm new to pfsense and maybe this question is an old one, but with my google searches and my limited knowledge of pfsense I could not figure this one out, so please help!

Here is what I want to do:
I want pfsense to show a captive portal to unknown ips. Everything else should be let through.

I got pfsense installed, no problem. Captive portal worked like a charm, but I want all connected devices to get their ips from my router not pfsense. Its dhcp I could not disable without a following reset to factory defaults.

My setup looks like this:
modem - router (dhcp) - pfsense (captive portal) - AP (with wlan)

Please help me to figure this out:
How can I disable dhcp on pfsense?
How can I access pfsense after that?
How can I access pfsense from wan?

Thank you for you help!

muswellhillbilly · Oct 20, 2015, 2:21 PM

@Hadesskywalker:

How can I disable dhcp on pfsense?

Go to Services/DHCP Server, tick the tab for LAN and untick the box marked 'Enable DHCP Server on LAN interface.
@Hadesskywalker:

How can I access pfsense after that?

Set your client PC to a static address within the LAN range.
@Hadesskywalker:

How can I access pfsense from wan?

Create a rule on your WAN interface allowing access from only your external network(s).

I don't see how you're going to get DHCP-assigned addresses to your LAN from a router which sits on the WAN side of your firewall. Is there a reason why you can't have the PFS assign DHCP addresses?

johnpoz · Oct 20, 2015, 2:04 PM

Yeah I am really confused why pfsense could not hand out your IPs to your networks behind?? Do you have pfsense in bridge mode as a transparent??

doktornotor · Oct 20, 2015, 2:13 PM

You are doing it the other way round… Also, that CP thing - that's behind yet another layer of pointless NAT? (Will not work at all if that's the case, the AP must NOT do any routing.)

Hadesskywalker · Oct 20, 2015, 2:25 PM

@johnpoz: bridge mode is a good keyword, that is what i would like to do. How could this be achieved?

I would like pfsense to only do the captive portal. I want it to be possible to add pfsense into other networks where I have no control over ips issued or other settings.

muswellhillbilly · Oct 20, 2015, 2:42 PM

@Hadesskywalker:

I want it to be possible to add pfsense into other networks where I have no control over ips issued or other settings.

So do you actually manage these other networks or not? If not, who does and are they happy with you introducing a firewall into a network they control?

I really think you're going to have to post a complete map of your network(s) for anyone to make any sense of this.

Hadesskywalker · Oct 20, 2015, 7:08 PM

No, I do not manage these networks. If I was, I could integrate the dhcp from pfsense into the network.

The map of my network is described in my original post. If you need any more details please tell me.