[pfSense Support] how to manage 2 subnets for LAN ?
Hello PfSense masters, I'm using successfully PfSense to manage the access of a wifi network providing Internet to my village. At now, we have a simple setup on the LAN side where all backbone network (antennas) and connected people shares the same subnet, for ex : 192.168.1.0/24 : WanLan,)Ant -- client 1 DSL Line --- PF Ant(- -)Ant -- Ant(- -)Ant -- client 2 `)Ant -- client 3 The antennas have a static IP address, and PfSense is giving dynamic ones to clients through DHCP server. We'd like to separate IPs of bacbone antennas from client ones, for example 192.168.1.0/24 for antennas and 192.168.2.0/24 for people. How this could be done ? At first, I thought about adding a second IP on the LAN interface, but I didn't found how to do this in the web gui, and looking at the PfSense's archives, it looks like it's not supported (perhaps a design choice ?). As we use an Alix 2d3 board with 3 ethernet interfaces, there is one free at now : could we use this OPT interface to manage backbone network, with an address in its subnet 192.168.1.0/24, and put an address from 192.168.2.0/24 subnet on the LAN interface to serve clients, provided these two LAN and OPT will be connected through a switch to the first antenna of the backbone where all traffic is passing ? Thanks for any remark or suggestion about this scheme, With regards, Fred. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] how to manage 2 subnets for LAN ?
Hi, As we use an Alix 2d3 board with 3 ethernet interfaces, there is one free at now : could we use this OPT interface to manage backbone network, with an address in its subnet 192.168.1.0/24, and put an address from 192.168.2.0/24 subnet on the LAN interface to serve clients, provided these two LAN and OPT will be connected through a switch to the first antenna of the backbone where all traffic is passing ? I think you want a managed switch that has vlan support. You can then use the 3rd port on the alix for connecting all the vlans. Regards, Seth - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] simultaneous client connection
Hello, setting simultaneous client connection limit allows you to restrict the number of parallel connections to a server per client IP address or client address block? When the limit is reached, it filters all the new connections from that ip or it blocks all connections from that ip, or it blocks all connections that matches the rule? Thanks, Javier. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] qVoIP not working
I have a VoIP phone (Siemens S685IP) with the IP 192.168.1.103. I used the traffic shaper wizard to setup some queues. However, nothing seems to flow into the qVoIP during VoIP calls (the traffic seems to go into qDefault). I tried to modified the rule, using the IP address instead of the alias, enabling the Quick option but without success. Seems like floating rules do not working when using NAT!? I added 1 rule in LAN and 1 rule in WAN and it seems to work now. Can someone explain me when are floating rules evaluated? By the way, if I choose to prioritize DNS in the wizard, the traffic to/from (I didn't look further into this issue) my ISP's DNS servers is blocked!? Am I the only one to have this issue? Regards, Cyril - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] how to manage 2 subnets for LAN ?
Le Thu, 18 Nov 2010 14:10:18 +0100, Seth Mos seth@dds.nl a écrit : Hi, As we use an Alix 2d3 board with 3 ethernet interfaces, there is one free at now : could we use this OPT interface to manage backbone network, with an address in its subnet 192.168.1.0/24, and put an address from 192.168.2.0/24 subnet on the LAN interface to serve clients, provided these two LAN and OPT will be connected through a switch to the first antenna of the backbone where all traffic is passing ? I think you want a managed switch that has vlan support. You can then use the 3rd port on the alix for connecting all the vlans. The different LAN subnets' trafic aren't VLAN tagged, and all traffic comes from one Ethernet port (from the nearest antenna), so I don't understand how VLAN could be used there ? Fred. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] how to manage 2 subnets for LAN ?
On Thu, Nov 18, 2010 at 12:39 PM, Fred Boiteux fblis...@free.fr wrote: The different LAN subnets' trafic aren't VLAN tagged, and all traffic comes from one Ethernet port (from the nearest antenna), so I don't understand how VLAN could be used there ? Most carrier-grade radios support tagging packets from the management interface, so client traffic comes through untagged and management happens on the management vlan. db - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] how to manage 2 subnets for LAN ?
I think the OP was referring to running two subnets concurrently on the same wire, something I often have to do for various reasons, sometimes to solve co-existence issues while renumbering a network. I have no idea how to accomplish this in pfSense; apparently I haven't had to do this since I started using pfSense! (An example is when I have a server subnet that's too small - either it was undersized to begin with or it grew beyond expectations - and I can't widen the subnet mask because I've already used the subnets above and below it elsewhere, so I have to at that point run two subnets concurrently on the same VLAN until I can get rid of all the old addresses.) -Adam -Original Message- From: David Burgess [mailto:apt@gmail.com] Sent: Thursday, November 18, 2010 13:56 To: support@pfsense.com Subject: Re: [pfSense Support] how to manage 2 subnets for LAN ? On Thu, Nov 18, 2010 at 12:39 PM, Fred Boiteux fblis...@free.fr wrote: The different LAN subnets' trafic aren't VLAN tagged, and all traffic comes from one Ethernet port (from the nearest antenna), so I don't understand how VLAN could be used there ? Most carrier-grade radios support tagging packets from the management interface, so client traffic comes through untagged and management happens on the management vlan. db --- -- To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] how to manage 2 subnets for LAN ?
On Thu, Nov 18, 2010 at 3:11 PM, Adam Thompson athom...@athompso.net wrote: I think the OP was referring to running two subnets concurrently on the same wire, something I often have to do for various reasons, sometimes to solve co-existence issues while renumbering a network. I have no idea how to accomplish this in pfSense; apparently I haven't had to do this since I started using pfSense! In that case you can add an alias to the LAN interface. IIRC, you just run ifconfig appending 'alias' to the end. Don't quote me on it though. Get that working, then use shellcmd to make it stick across reboots. You will also want to check the box in the UI to supress arp errors in the logs. vlans are still the preferred method if your radios support it. What brand are you using? db - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] how to manage 2 subnets for LAN ?
On 11/18/2010 11:16 PM, David Burgess wrote: On Thu, Nov 18, 2010 at 3:11 PM, Adam Thompson athom...@athompso.net wrote: I think the OP was referring to running two subnets concurrently on the same wire, something I often have to do for various reasons, sometimes to solve co-existence issues while renumbering a network. I have no idea how to accomplish this in pfSense; apparently I haven't had to do this since I started using pfSense! In that case you can add an alias to the LAN interface. IIRC, you just run ifconfig appending 'alias' to the end. Don't quote me on it though. Get that working, then use shellcmd to make it stick across reboots. You will also want to check the box in the UI to supress arp errors in the logs. Read this document: http://doc.pfsense.org/multiple-subnets-one-interface-pfsense.pdf Tried that out with the latest stable pfSense yesterday and it worked fine. Regards Karsten -- Karsten Becker Head of Information Technology Ecologic Institute Berlin - Brussels - Vienna - Washington DC Pfalzburger Strasse 43/44 | 10717 Berlin | Germany Tel. +49 (30) 86880-0 | Fax +49 (30) 86880-100 http://www.ecologic.eu/ | http://www.ecologic-events.eu/ Ecologic Institute publishes a monthly newsletter. To subscribe, please register at: http://www.ecologic.eu/subscribe.htm - - - Ecologic Institut gemeinnuetzige GmbH GF/Director: R. Andreas Kraemer | AG Charlottenburg HRB 57947 | USt/VAT-IdNr. DE811963464 'Ecologic' is a Trade Mark (TM) of Ecologic Institut gemeinnuetzige GmbH, Berlin. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] how to manage 2 subnets for LAN ?
Another easy solution is to just add another nic. Sent from my iPhone On Nov 18, 2010, at 2:46 PM, Karsten Becker karsten.bec...@ecologic.eu wrote: On 11/18/2010 11:16 PM, David Burgess wrote: On Thu, Nov 18, 2010 at 3:11 PM, Adam Thompson athom...@athompso.net wrote: I think the OP was referring to running two subnets concurrently on the same wire, something I often have to do for various reasons, sometimes to solve co-existence issues while renumbering a network. I have no idea how to accomplish this in pfSense; apparently I haven't had to do this since I started using pfSense! In that case you can add an alias to the LAN interface. IIRC, you just run ifconfig appending 'alias' to the end. Don't quote me on it though. Get that working, then use shellcmd to make it stick across reboots. You will also want to check the box in the UI to supress arp errors in the logs. Read this document: http://doc.pfsense.org/multiple-subnets-one-interface-pfsense.pdf Tried that out with the latest stable pfSense yesterday and it worked fine. Regards Karsten -- Karsten Becker Head of Information Technology Ecologic Institute Berlin - Brussels - Vienna - Washington DC Pfalzburger Strasse 43/44 | 10717 Berlin | Germany Tel. +49 (30) 86880-0 | Fax +49 (30) 86880-100 http://www.ecologic.eu/ | http://www.ecologic-events.eu/ Ecologic Institute publishes a monthly newsletter. To subscribe, please register at: http://www.ecologic.eu/subscribe.htm - - - Ecologic Institut gemeinnuetzige GmbH GF/Director: R. Andreas Kraemer | AG Charlottenburg HRB 57947 | USt/VAT-IdNr. DE811963464 'Ecologic' is a Trade Mark (TM) of Ecologic Institut gemeinnuetzige GmbH, Berlin. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] how to manage 2 subnets for LAN ?
On Thu, Nov 18, 2010 at 3:51 PM, fi...@7technw.com fi...@7technw.com wrote: Another easy solution is to just add another nic. Not an option in this case. The OP described a wireless network where the client subnet and management subnet exist on the same physical network. You can't change that in this case, so your two options are to separate them virtually (vlans) or just run them on the same physical network. Yes, he could use another NIC and plug it into a switch along with the first NIC and the wireless network, but this still doesn't separate the two networks, and is no better than creating an alias on the existing NIC. db - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
