Netgate SG-1000 microFirewall

Author Topic: New semi-working setup.  (Read 302 times)

0 Members and 1 Guest are viewing this topic.

Offline Boredjim8

  • Newbie
  • *
  • Posts: 4
  • Karma: +0/-0
    • View Profile
New semi-working setup.
« on: December 30, 2017, 05:13:50 pm »
So i got around to setting up a lab and im not sure where i went wrong.

RF Cable into a Netgear Gateway / Modem that has its WIFI running (tablets, family laptops, cell, tv..)

172.168.0.1
255.255.255.0
[172.168.0.1/24]

Not that it should matter but.. it has DHCP set from 100-149.  140-149 are reserved for my computers (i set up a switch and reserved the mac addresses for each / shared files / and accessed internet to test it)

So i went to plug in PF sense
172.168.0.140 static IP

Setup PF Sense on this .. https://i.imgur.com/8f7wTm8.jpg

My main desktop was able to use the internet but my secondary one was not.

The secondary PC is not really getting a normal assigned IP. It keeps giving me a 255.255.0.0 subnet and its IPV6 is looking a little odd. Not normal Hex but some % symbols %2ff: or something like that..

I might of had a static IP set from before so when it handed out the IP's it didnt do that.. but when setting it to dynamic it still would not join the same network as my desktop.   ;D



I have not set up anything on the netgear to allow traffic so i think that might also be an issue.
Excuse my awkward ramble. If i dont make sense ask me to rephrase it please. Thanks!



--


I had CMD ipconfig open from when i was on the PF sense network and after i released and renewed when on the switch only..

   IPv4 Address. . . . . . . . . . . : 192.168.1.2
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : fe80::b2b9:8aff:fe92:5bda%12
                                       192.168.1.1

   IPv4 Address. . . . . . . . . . . : 172.168.0.149
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : fe80::b2b9:8aff:fe92:5bda%12
                                       172.168.0.1

So my main desktop is switching back and forth correctly and can access the internet without any netgear forwarding. Hopefully it helps.

Offline Gertjan

  • Hero Member
  • *****
  • Posts: 2587
  • Karma: +208/-9
    • View Profile
Re: New semi-working setup.
« Reply #1 on: December 31, 2017, 01:22:27 am »
So i got around to setting up a lab and im not sure where i went wrong.

RF Cable into a Netgear Gateway / Modem that has its WIFI running (tablets, family laptops, cell, tv..)

172.168.0.1
255.255.255.0
[172.168.0.1/24]

Not that it should matter but.. it has DHCP set from 100-149.  140-149 are reserved for my computers (i set up a switch and reserved the mac addresses for each / shared files / and accessed internet to test it)
172.168 ?
Read https://en.wikipedia.org/wiki/Private_network

So i went to plug in PF sense
172.168.0.140 static IP

Setup PF Sense on this .. https://i.imgur.com/8f7wTm8.jpg
I posted the wrong photo.

My main desktop was able to use the internet but my secondary one was not.
What is different between those two PC's ?
What did the DHCPv4  log shows you (pfSense) ?


The secondary PC is not really getting a normal assigned IP. It keeps giving me a 255.255.0.0 subnet and its IPV6 is looking a little odd. Not normal Hex but some % symbols %2ff: or something like that..
%ff symbols => welcome to https://en.wikipedia.org/wiki/IPv6  ;D

I might of had a static IP set from before so when it handed out the IP's it didnt do that.. but when setting it to dynamic it still would not join the same network as my desktop.   ;D
A said  above, check the DHCP4 logs on pfSense : what did you see ?
Probably some other DHCP server on your network handing out also IP's or client gets IP by DHCP but getway and/or DN is set to satic.


I have not set up anything on the netgear to allow traffic so i think that might also be an issue.
What netgear ? What's is role ?


I had CMD ipconfig open from when i was on the PF sense network and after i released and renewed when on the switch only..

   IPv4 Address. . . . . . . . . . . : 192.168.1.2
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : fe80::b2b9:8aff:fe92:5bda%12
                                       192.168.1.1

   IPv4 Address. . . . . . . . . . . : 172.168.0.149
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : fe80::b2b9:8aff:fe92:5bda%12
                                       172.168.0.1

So my main desktop is switching back and forth correctly and can access the internet without any netgear forwarding. Hopefully it helps.
Back and forth between what ?
Who is "192.168.1.1"  - (pfSEnse) ?
Where is this IP 172.168.0.149 coming from ?

Online chpalmer

  • Hero Member
  • *****
  • Posts: 1821
  • Karma: +95/-3
    • View Profile
    • Home of Cablenut
Re: New semi-working setup.
« Reply #2 on: December 31, 2017, 06:13:25 pm »

Quote
Not that it should matter but.. it has DHCP set from 100-149.  140-149 are reserved for my computers (i set up a switch and reserved the mac addresses for each / shared files / and accessed internet to test it)
172.168 ?
Read https://en.wikipedia.org/wiki/Private_network


 ;)     +1
P.S. statements made by me are not necessarily condoned by the management of this fine organization.  http://badmodems.com

Offline Boredjim8

  • Newbie
  • *
  • Posts: 4
  • Karma: +0/-0
    • View Profile
Re: New semi-working setup.
« Reply #3 on: December 31, 2017, 06:15:22 pm »
https://i.imgur.com/1JYNgXv.png

Secondary PC (Ethernet Only) Cannot find the internet when connected. If i remove the PF Sense and plug the switch directly in i can join the network of laptop and main desktop. I made a homegroup to test it / shared files. 





So i guess im asking what do i need to check (other than double check obtain IP automatically is set) in the PF Sense settings to make sure im handing out IP's correctly for this setup? :) Thanks. Im reading the information posted now.
« Last Edit: December 31, 2017, 06:19:56 pm by Boredjim8 »

Offline Boredjim8

  • Newbie
  • *
  • Posts: 4
  • Karma: +0/-0
    • View Profile
Re: New semi-working setup.
« Reply #4 on: December 31, 2017, 07:06:12 pm »
Ok see now its odd i just set it back up.

It flipped on me.

Secondary Desktop has internet and it did it on auto.

But my main desktop (the one I'm on now) the Ethernet no longer works. And its assigning the same kind of IP.

https://i.imgur.com/ejn2t2A.png


Offline Boredjim8

  • Newbie
  • *
  • Posts: 4
  • Karma: +0/-0
    • View Profile
Re: New semi-working setup.
« Reply #5 on: December 31, 2017, 07:21:39 pm »
Do i have to enable the LAN to have more than one IP? Or like.

So my build is that old shit PC with 2 network NIC's.

The Lan at 172.168.0.140 acting as the wan in and the 192.168.0.1 lan out. I didnt set up the second card with two open lan ports.. or setup my onboard nic. I figured it would do the routing with just one lan out automatically. maybe it only does the one address and itsnt setup as a router? I get how this stuff works sometimes but i get tripped up when stuff does stuff like this. Even if i get it working i will make more mistakes and might end up with bad habits.

What would cause something to hand out IP addresses (one normal one on the 255.255.255.0 subnet) and the other giving me that stuff.

https://i.imgur.com/RVbC2pT.png

https://i.imgur.com/ejn2t2A.png

(see what i meant by %2ff) I know what a normal IPV6 looks like but its giving me some odd variables that dont fit.

Online chpalmer

  • Hero Member
  • *****
  • Posts: 1821
  • Karma: +95/-3
    • View Profile
    • Home of Cablenut
Re: New semi-working setup.
« Reply #6 on: December 31, 2017, 07:41:28 pm »
https://ipinfo.io/AS1668/172.168.0.0/16-172.168.0.0/23

172.168.0.140 belongs to AOL.   I know you probably do not want to hear it but until you fix your "LAN" problem your probably going to continue to have intermittent problems based on the fact that certain programs can be hard coded for the standards.

Easy- drop the 8 and make it 172.16.0.0/24
P.S. statements made by me are not necessarily condoned by the management of this fine organization.  http://badmodems.com