Let me explain what I want to do. I have a client who was using Linux as a proxy server it had this one LAN interface and a WAN, LAN NIC in the virtual one he had, as follows: eth0: 1, eth0: 2, eth0: 3, so he had:
Eth0: 1 - 192.168.0.0/24 Eth0: 2 - 192.168.1.0/24 Eth0: 3 - 192.168.2.0/24 In each network that had a DHCP server, the machines that were registered in the MAC eth0: 1 gave the DHCP IP with full access, same with the Mac machines connected to eth0: 2, but only with Internet just released, unknown machines fall directly on eth0: 3, do not access anything, not even the internet. The client took the pfSense me and wanted this same scenario, then how is the pfSense I added in VMware virtual network adapters 04, and a WAN, a LAN, a OPT1 and OPT2, enable DHCP on all but the WAN so I did: LAN - 192.168.0.0/24, OPT1 - 192.168.1.0/24, OPT2 - 192.168.2.0/24 to apply the same concepts, I went on Static DHCP Mappings and added the MAC address of each machine, tying the IP on the LAN and on OPT1, the OPT2 I left a little gnashing of IPS, without tying MAC intrusive machines fall into it, at first the plan was working, only two days later, he began to mess with MAC machines defined in the 192.168.0.0 network / 24 falling on the 192.168.1.0/24 network or OPT2 and vice versa, then stopped the mess When you disable DHCP and OPT1 OPT2, I left the DHCP enabled LAN, OPT1 and just let DHCP Static Mapping, is working well, but the machines that are on DHCP Static Mapping in OPT1 only take IP and subnet mask, no gateway and no DNS, then they do not sail, navigate maybe if I force the use of proxy in the browser. In the DHCP service for each network I enabled - "Deny unknown clients" If this is checked, only the clients defined below will get DHCP leases from this server. This should not only ensure that the machines contained in the Static DHCP Mappings ranger caught that IP? Well gentlemen, the question remains, what is the best solution that I adopt to this scenario? How can I leave the pfSense like the way things were when the client was using Linux? I know this is kind of workaround, but there is no switch and wireless AP to make extra VLAN, then traffic from three networks are on the same switch, but it is the pfSense sort out who belongs to which network. Thanks, Ivanildo Galvão - MCP, MCT, MCSA, VSP -----Mensagem original----- De: Jim Pingle [mailto:li...@pingle.org] Enviada em: quinta-feira, 1 de setembro de 2011 17:38 Para: support@pfsense.com Assunto: Re: [pfSense Support] Static ARP On 9/1/2011 4:19 PM, Ivanildo Galvão - IT Services wrote: > What does this function in pfSense DHCP? The ARP command, and ifconfig. Static ARP entries are added using the arp command and the info provided in the GUI, and then the interface is configured to be "staticarp". It's all handled by the OS then (FreeBSD). Note that it did not work properly in 1.2.3 (it never applied at boot time, only when saved), but it does work in 2.0. At least it did last time I tried it. Jim --------------------------------------------------------------------- To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org --------------------------------------------------------------------- To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
