PfSense firewall


Hey
I just installed PfSense firewall

But I’m having trouble getting on to the internet

Both Ethernet ports are working
I see WAN and LAN IP addresses

I have modem cable going to wan

Router cable going to Lan

I want to keep dhcp going on the linksys router

Any help would be great

Thanks

Start by asking one of your devices (PC) to show whether it is getting an IP address or not. If Windows, bring up a cmd shell and type ipconfig /all. If the device has an IP address not in your LAN range (169.254.0.0 to 169.254.255.255), it’s probably an autoconfig address. If it has an expected IP address, then your firewall rules are probably blocking you. If you don’t get an IP address, you have an issue with DHCP.

I’m on my way to work now
When I get home from work I will take photos of my setup

Do I have to put the Linksys router into repeat mode to work with PfSense?

If it was me, I would plug both the Pfsense and the Linksys into your switch, make the Linksys the .5 IP but make sure the DHCP configuration is handing out the .1 address for the gateway.

Not sure if you have the option in your Linksys or not to make the gateway a different IP.

Alternatively, unless you have a massive network then it should not be too time consuming to migrate your DHCP configuration onto Pfsense, including any static reservations. Means you can get rid of your Linksys.

1 Like

What I have on my linksys router
I upgraded it to dd-wrt

I set up NordVPN on my Linksys router

But

On PfSense I was hoping to set up OpenVPN

To be able to remote to my home computer from out of my home network

But if there’s a way to put both on PfSense firewall please let me know

Or

I would like to keep linksys router with the NordVPN on

Openvpn on the PfSense firewall

Please let me know

I’m going for the following, from your description:

ISP → Modem → (WAN) pfSense (LAN) → Linksys → Devices

If the pfSense is plugged into one of the LAN ports on the Linksys, you need to ensure that the router is configured to use the .5 address as its default gateway, and to pass on that default gateway information through DHCP to everything else in the network.

If you are plugging the pfSense into the WAN port of the Linksys, you need to set up the pfSense and the Linksys to use a secondary subnet (E.g. 192.168.0.0/24) and make the pfSense the .1 and the Linksys the .2 on that network. Then the default routing configuration should work on the Linksys, but opening up internal ports might be trickier.

I’d prefer to put the Linksys in “dumb switch” mode and let the pfSense do the DHCP and DNS duties for the internal network and just plug it into one of the LAN ports on the Linksys.

Is the NordVPN just for incoming VPN connections? Then I’d go with openVPN on the pfSense, it works very nicely. You should be able to set up port passthru for the NordVPN, if you really want to. But disable it to start with, until you get everything else working. Adding VPN into the mix can cause its own problems, so it is better to get the basic configuration working first, then gradually build up until you have everything working again.

1 Like

I agree, other than devices with static IPs which would need changed.

I don’t really use Nord but do you need to create an outbound VPN as well as receive inbound connections? E.g. be an open vpn client and server? If so the Pfsense can do this. If you simply just want to VPN into your home when remote then you can do this with Pfsense using openvpn or wireguard.

1 Like

I would like to keep NordVPN on linksys router
And
Openvpn to be able to use laptop computer outside my home network

I have never used WireGuard VPN before

First time using PfSense

Sounds like you need to keep the Linksys inline between your LAN and the Pfsense if you want to keep it and use it to create an outbound tunnel. Again if it was me I would ditch the Linksys and do it all from Pfsense but maybe you’re not that comfortable with Pfsense yet. There are guides on how to connect to Nord using Pfsense when you’re ready for it.

ISP— Pfsense — Linksys

You should use something like 192.168.2.0/24 between Pfsense and your Linksys. Turn off NAT on the Linksys if you can. Add a static route in the Pfsense for the 192.168.2.0 network with a next hop of the Linksys WAN interface, and add firewall rules if needed to allow the 192.168.1.0 network to access the internet.

1 Like

I will take some photos of how I got
ISP-PfSense-linksys router hookup
And
Screenshot of my PfSense settings

When I get home from work. I will be leaving around 5:40pm and be home around 6:30pm

I’m not sure

I reinstalled the PfSense on 192.168.1.1
Put linksys router on 192.168.1.5

Still can’t connect to PfSense
But
I can connect with my iPhone Wi-Fi

Do you think maybe I should connect my laptop computer with Ethernet cable to PfSense computer and see if I can get it working

Or

Maybe one of you guys would like to remote connect to the computer???

Let’s get one thing figured out first. What device do you want to face the Internet, and for what reason. Is it the firewall or is it your router? There are different tradeoffs for each choice, but you got to pick one.

The next decision is whether you want double NAT or not. Both devices are capable of running DHCP and providing NAT capabilities. Which one, or both, do you want to do these tasks and why?

If you do want double NAT, for the extra security it will offer, then you should NOT use overlapping IP ranges. Use 192.168.1.x/24 for one and 192.168.2.x/24 for the other (as one possible config.)

To start with, I would try putting pfSense as your primary router, and put your wireless router into AP mode (also known as bridge mode) and plug it into the pfSense. This will turn off a lot of your router’s features, but it will let you experience pfSense as your primary router. You may have to play with firewall rules at this point to get traffic flowing as you like. Once you know how to do all this, you will have figured out pfSense pretty well, and now you can decide if you like the result, or you want to switch to something else.

So
When I use IP address 192.168.1.1 for the PfSense
And
IP address 192.168.2.1 for the Linksys router

Will I still be able to see my other computers on my home network?

How are they connected?

If pfSense has 192.168.1.1, then the Router also needs a 192.168.1.0/24 address, otherwise they won’t see each other.

If the pfSense is plugged into a LAN port on the router, the other devices on the network will also need an address in the 192.168.1.0/24 range (I’m assuming you aren’t using any VLANs). The router needs to have the pfSense as the default gateway.

If the pfSense is plugged into the WAN port, the WAN port on the router will also need a 192.168.1.0/24 address, but you can then use a 192.168.2.0/24 address on the internal network and the router remains the default gateway and all devices on the internal network also get a 192.168.2.0/24 address.

Personally, I’d plug the pfSense into a LAN port on the router and put everything in the same address range and finished. Especially if you want to use openVPN/Wireguard on the pfSense.

1 Like

Any chance any one can please send me a picture of how I should hookup modem-PfSense-router

And

If this is right

PfSense IP address 192.168.1.1

Linksys router IP address 192.168.1.2

And

What setting I should have on PfSense

And

What to turn off on the linksys router

I understand what you guys are saying

Do I need to put the DHCP from the PfSense into the router, same as the PfSense?

You can only have one DHCP server active. You will need to decide, whether you want the pfSense or the router to be your DHCP server.

From your previous message:
pfSense 192.168.1.1 connected to one of the internal network ports on the router
router 192.168.1.2 set its Standard Gateway setting to 192.168.1.1 (pfSense)

In router, disable DHCP.
In pfSense, set DHCP to offer:

Lease addresses in range 192.168.1.20 - 192.168.1.254 (I always leave some addresses free at the front for critical devices that get a fixed address)
DNS - 192.168.1.1
Standard Gateway 192.168.1.1

(If you really want to, you can turn off DHCP in the pfSense and use the router, it doesn’t make much difference, the settings need to be the same, either way.)

This is not true if you’re doing double NAT. I asked the question of whether the OP wants double NAT or not, and am still awaiting the answer. Steve Gibson used to recommend the “three dumb router” approach (for isolating IoT from non-IoT) and that implies double NAT.

In the double NAT approach, one router gets its WAN IP address from the other router’s LAN IP range.

Correct, my description was without double NAT, as that is simpler to set up and test.
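
Added example, not written by anyone in this thread: a Python sketch that checks an addressing plan like the ones discussed above (client address triage, one DHCP server on a single subnet, and non-overlapping ranges for double NAT). The function names and the host labels passed in are hypothetical.

```python
import ipaddress

APIPA = ipaddress.ip_network("169.254.0.0/16")  # Windows autoconfig range

def diagnose_client(client_ip, lan_cidr):
    """Triage from the first reply: what the client's address points to."""
    if not client_ip:
        return "no address: DHCP issue"
    ip = ipaddress.ip_address(client_ip)
    if ip in APIPA:
        return "autoconfig address: no DHCP server answered"
    if ip in ipaddress.ip_network(lan_cidr):
        return "expected address: check firewall rules"
    return "address outside the LAN range: check which DHCP server answered"

def check_dhcp_plan(lan_cidr, fixed_hosts, gateway, dns, lease_start, lease_end):
    """Return a list of problems in a single-NAT plan with one DHCP server."""
    net = ipaddress.ip_network(lan_cidr)
    fields = dict(fixed_hosts, gateway=gateway, dns=dns,
                  lease_start=lease_start, lease_end=lease_end)
    problems, parsed = [], {}
    for name, text in fields.items():
        try:
            parsed[name] = ipaddress.ip_address(text)
        except ValueError:  # e.g. a dropped dot between octets
            problems.append(f"{name}: {text!r} is not a valid address")
            continue
        if parsed[name] not in net:
            problems.append(f"{name}: {text} is outside {net}")
    if problems:
        return problems
    lo, hi = parsed["lease_start"], parsed["lease_end"]
    if lo > hi:
        problems.append("lease range is reversed")
    if hi == net.broadcast_address:
        problems.append("lease range includes the broadcast address")
    for name in fixed_hosts:  # fixed addresses must stay out of the pool
        if lo <= parsed[name] <= hi:
            problems.append(f"{name}: {parsed[name]} is inside the DHCP pool")
    return problems

def double_nat_ranges_ok(outer_cidr, inner_cidr):
    """Double NAT: the two routers' LAN ranges must not overlap."""
    outer = ipaddress.ip_network(outer_cidr)
    return not outer.overlaps(ipaddress.ip_network(inner_cidr))
```

An empty list from check_dhcp_plan means the plan is internally consistent; it does not prove that only one DHCP server is actually answering on the wire.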