Jump to content
Main menu
Main menu
move to sidebar
hide
Navigation
Main page
Recent changes
Help about MediaWiki
FUTO
Search
Search
Appearance
Create account
Log in
Personal tools
Create account
Log in
Pages for logged out editors
learn more
Contributions
Talk
Editing
Introduction to a Self Managed Life: a 13 hour & 28 minute presentation by FUTO software
(section)
Main Page
Discussion
English
Read
Edit
Edit source
View history
Tools
Tools
move to sidebar
hide
Actions
Read
Edit
Edit source
View history
General
What links here
Related changes
Special pages
Page information
Appearance
move to sidebar
hide
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
=== 3. Configuring LAN IP Address === <gallery mode="packed-hover" heights=250 widths=400 perrow=2> File:lu55028jxaty_tmp_ebc6f9c0.png </gallery> <span id="default-lan-ip"></span> ==== 3.1: Default LAN IP ==== After assigning interfaces, '''pfSense''' will show you the default LAN IP address, usually '''192.168.1.1'''. This is the IP address of your router ('''pfSense''') within your local network. Any device that connects to the router will be assigned an IP address in the '''192.168.1.x''' range by default. For instance, your PC may grab an IP of 192.168.1.46, 192.168.1.16, etc., if set to connect automatically via <code>DHCP</code> (Dynamic Host Configuration Protocol). <code>DHCP</code> means when you connect to a router it grabs an IP address/DNS server/etc. to you by default, “Plug N Play” style. This is the default configuration of most devices you will ever connect to the internet unless you went out of your way to re-configure them. This includes your computer, cellphone, game console, IoT devices, security cameras, etc. They’re all connecting via <code>DHCP</code>. <span id="changing-the-lan-ip-optional"></span> ==== 3.2: Changing the LAN IP (Optional) ==== Requirements: You don’t need to change this unless you have a specific reason to do so, such as conflicts with other networks you’re using. I have chosen to change it, and will be working with the following configuration throughout this guide. '''You do not have to follow what I am doing, but if you want to be able to copy & paste along with me addresses of things, feel free to do it this way, it won’t hurt.''' # '''Set Interface IP address''' #* The number for the LAN interface was <code>2</code> in my case # '''Configure the new LAN IPv4 address via DHCP''' #* Choose <code>n</code> #* This isn’t referring to having DHCP so that clients who connect can get an IP address. This means should this interface have a dynamic IP itself, meaning the the router/gateway would have a different IP each time we connect to it. There is no need for this. # '''Enter the new LAN IPv4 address''' #* <code>192.168.5.1</code> is my LAN IPv4 address that I will choose for my router. #* This is where your '''pfSense''' router will be accessible via web browser. This will be your gateway address, and this will be your DNS server. # '''Enter LAN IPv4 subnet bit count''' #* <code>24</code> is the subnet bit count #* (This is shorthand for a subnet mask of <code>255.255.255.0</code>). # '''IPv4 upstream gateway address''' #* Press enter for none. # '''Configure IPv6 address for LAN interface via DHCP6''' #* Press <code>y</code> , we’re not using IPv6 in this guide anyway. #* I hit <code>y</code>, you can hit <code>n</code> and specify an address manually, but I will not be using IPv6 so it makes no difference to me, no need to specify an address I have to remember for something I will never use. #* You’re welcome to set up an IPv6 home network if you want; I am not covering that here. <span id="dhcp-setup"></span> ==== 3.3: DHCP Setup ==== # '''DHCP (Dynamic Host Configuration Protocol)''' automatically assigns IP addresses to devices on your network. This makes it easier to connect new devices without manually configuring IP settings on each one. This is what allows clients to be able to get an IP address automatically as soon as they connect via Wi-Fi or with an ethernet cord into your switch. You want this so that by default people can go online without having to specify their IP manually. # When asked if you want to configure DHCP, choose '''Yes'''. # Set the DHCP range. This is the range of IP addresses that will be assigned to devices on your network. For example: #* '''Start Address:''' <code>192.168.5.2</code> #* '''End Address:''' <code>192.168.5.254</code> # Since we have our router on <code>192.168.5.1</code>, the next address that’s available is <code>192.168.5.2</code> which is the start, and <code>192.168.5.254</code> as the end. # For ''Do you want to revert to HTTP as the webconfigurator protocol'', choose <code>n</code>. No need to use HTTP instead of HTTPS. We’re never going to connect to this without a VPN anyway, so HTTP vs HTTPS isn’t the biggest security deal in the world, but it’s a good practice to use HTTPS whenever possible. This allows up to 254 devices on your local network, which is more than enough for most home setups. If you have more than 254 devices at home, you’re likely not reading a beginner’s guide from a board repair person cosplaying as a sysadmin. If you want to go crazy, you can do a different setup entirely: change the LAN IP to something even less common if you want to avoid conflicts, such as <code>172.16.10.1</code> as a LAN IP, subnet 24. This would allow 254 devices that would be given IPs such as <code>172.16.10.2</code>, <code>172.16.10.30</code>, etc.—and your '''pfSense''' router web interface would be accessible on <code>172.16.10.1</code>. When you connect to other people’s networks, if you don’t disable LAN access in the OpenVPN android client, and their network has a <code>192.168.1.1</code>, and yours has a <code>192.168.1.1</code>… You see where this is going. Chances are they don’t have a <code>192.168.5.1</code> though. <blockquote>'''NOTE:''' If both your home network and a remote network you’re connecting from via VPN use the same IP range, you can end up with routing & connectivity issues. Let’s say you’re at a coffee shop. You connect via wifi. On their network, you are 192.168.1.3. You connect to your home network via your VPN, and you want to connect to your local mailserver… but you both have the same pos linksys wrt54g router, which defaults everyone to 192.168.1.*. so you try to connect to 192.168.1.3. Do you see where this is going? Changing your home network to a less common IP range can mitigate this risk. Always check the IP range of networks you frequently connect to and adjust your home network accordingly. Or, just make yours some weird-ass number that nobody else will be using. The latter works for me. </blockquote> <span id="finishing-up"></span>
Summary:
Please note that all contributions to FUTO may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see
FUTO:Copyrights
for details).
Do not submit copyrighted work without permission!
To protect the wiki against automated edit spam, we kindly ask you to solve the following hCaptcha:
Cancel
Editing help
(opens in new window)