Jail IP change and no internet access

Status
Not open for further replies.

Jailer

Not strong, but bad
Joined
Sep 12, 2014
Messages
4,974
Ok I need someone a lot smarter than me (not that it takes much) to help me figure out something with my jails and an IP change.

What I'm trying to do is run pfsense on some old desktop hardware I have laying around. Getting that up and running and getting everything on my network communicating is no problem. Where I run into problems is with the jails. No matter what I've tried I can't get them to communicate outside my local network.

When I created the jails, a combination of plugins and manually created jails, the IP address range through my dlink router was 192.168.0.xxx. All the jails were configured with static IP's. Pfsense default IP range is 192.168.1.xxx. I changed the IP addresses on freenas and the jails to one outside the DHCP range and set a static route in PF sense for freenas and the jails. This worked fine for freenas but not for the jails. I can connect locally through the new jail IP's and I can ping back and forth to the WAN and other local computers but I can't get any access outside my network from the jails.

Any idea why this is happening? Is there more to getting them to connect than changing the IP and default gateway in the network settings on the jail?
 

cyberjock

Inactive Account
Joined
Mar 25, 2012
Messages
19,526
I'm pretty sure pfsense requires special configuration if your machines are outside the subnet range (things get *really* dicey).

I just use a /24 subnet and I put all my jails and everything in that subnet. The DHCP server owns the entire subnet, but dynamic IPs are only handed out from .2 to .99. .100+ is all static (and I set those in pfsense and let all the machines run by dhcp). I'd recommend you do the same thing because it works better that way. ;)
 

Jailer

Not strong, but bad
Joined
Sep 12, 2014
Messages
4,974
Well I kinda did that. I set the dynamic range to 100-200 and the static IP's started at 201, 202 etc. You'd think they would connect since they were within the subnet range but just outside the dynamic range. It did for freenas IP just not the jails. :confused:

Maybe I'll try re installing pfsense and setting the IP range to the same thing my old router was and see if that works. I just didn't know if there was some configuration in the jails that needed changing for things to work.
 

Jailer

Not strong, but bad
Joined
Sep 12, 2014
Messages
4,974
Well that worked. Reinstalled pfsense and set the ip subnet range to match my old routers settings and it's up and running and everything is connected now.

Must be something that gets written in a configuration file in the jail when they are created that locks the IP settings? :confused:
 
Status
Not open for further replies.
Top