Netgate Discussion Forum

    Default install NAT issue when wan dhcp = 192.168.1.x/24

    2.3-RC Snapshot Feedback and Issues - ARCHIVED
    • heper

      scenario:

      1. Install pfSense to hard disk without configuring anything (option I)
      2. System reboots
      3. Option 1: assign interfaces & option 2: set interface IP addresses from console
        3a) WAN gets DHCP from upstream, IP = 192.168.1.x/24 (example)
        3b) Set LAN IP to some other valid LAN subnet, example: 10.30.30.1/24
        3c) Enable DHCP on LAN
      4. Notice client can connect to pfSense LAN, but cannot ping any addresses on the web.
      5. Log in to GUI
      6. ping/traceroute from WAN --> 8.8.8.8 works | ping from LAN --> 8.8.8.8 fails
      7. Go to LAN interface config, uncheck "Block private networks" & save
      8. Retry (6)  <-- still fails
      9. Check firewall & NAT rules from GUI | do filter reload  <--- looks OK, but still doesn't work
      10. reboot
      11. all OK

      Tried this procedure two times, so on this Supermicro hardware it is reproducible.

      So I'm guessing something goes wrong when the WAN & LAN subnets are identical at one point in the configuration phase. The only fix I've currently found is to reboot.

      If I find some time this weekend I'll try this in a VM environment.

      • jimp (Rebel Alliance Developer Netgate)

        The routing table was probably FUBAR from the moment WAN picked up an address in the same network as LAN, which happened as soon as the interfaces were assigned.

        In step 3 did you only configure the LAN address?
        What happens if you use the console menu to change the WAN address (entering "dhcp" again) after moving the LAN to another subnet?

        • heper

          Yes, I've only configured the LAN address.

          Tried to replicate this at home using vbox ... can't get it to fail...

          I'm guessing there is code in place to detect identical WAN/LAN subnets on empty config, as it appears that in vbox the LAN IP is set to null with a default config when WAN receives the same subnet by DHCP.
          Could someone point me to that code?

          I'm thinking that on real hardware, it (potentially) takes more time to acquire the DHCP lease (background process?) and the default_static_lan_ip is set before the dhclient finishes? => route corruption?
          I'm just speculating

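A check for the condition discussed in this thread, as an added example that is not part of the original posts and is not pfSense's own code: it parses FreeBSD-style `ifconfig` output and reports interfaces whose configured IPv4 networks overlap. The interface names `em0`/`em1`, the MAC addresses and the sample output are constructed, and the sample assumes LAN still holds 192.168.1.1/24 while WAN has leased an address in the same /24. It compares configured addresses only and does not inspect the routing table.

```python
import ipaddress
import re
from itertools import combinations

# Constructed sample shaped like FreeBSD `ifconfig` output (not captured from a real box):
# em0 = WAN with a DHCP lease in 192.168.1.0/24, em1 = LAN still on 192.168.1.1/24.
SAMPLE_IFCONFIG = """\
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
\tether 00:00:5e:00:53:01
\tinet 192.168.1.23 netmask 0xffffff00 broadcast 192.168.1.255
em1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
\tether 00:00:5e:00:53:02
\tinet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
\tinet 127.0.0.1 netmask 0xff000000
"""

IFACE_RE = re.compile(r"^(\S+): flags=")
# FreeBSD prints the IPv4 netmask as eight hex digits, e.g. 0xffffff00.
INET_RE = re.compile(r"^\s+inet (\S+) netmask (0x[0-9a-fA-F]{8})")


def parse_ifconfig(text):
    """Return [(ifname, IPv4Interface)] for every 'inet' line found."""
    found, ifname = [], None
    for line in text.splitlines():
        m = IFACE_RE.match(line)
        if m:
            ifname = m.group(1)
            continue
        m = INET_RE.match(line)
        if m and ifname:
            mask = ipaddress.IPv4Address(int(m.group(2), 16))
            found.append((ifname, ipaddress.IPv4Interface(f"{m.group(1)}/{mask}")))
    return found


def overlapping_subnets(text):
    """Return pairs of different interfaces whose connected networks overlap."""
    hits = []
    for (if_a, a), (if_b, b) in combinations(parse_ifconfig(text), 2):
        if if_a != if_b and a.network.overlaps(b.network):
            hits.append((if_a, str(a.network), if_b, str(b.network)))
    return hits


if __name__ == "__main__":
    for if_a, net_a, if_b, net_b in overlapping_subnets(SAMPLE_IFCONFIG):
        print(f"overlap: {if_a} {net_a} <-> {if_b} {net_b}")
```
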