Hi. I have gigabit fiber up/down with a provider on the Cityfiber network. I currently have a Draytek 3900 router - which is nice, but doesnt have 10gig in it. So i managed to get hold of something called a FORCEPOINT 1100 10gig router. It has PFSense on it. I have never used PFSense before and am trying to learn how to make it work, before I fully deploy this (else lots of angriness from mrs). 1. I managed to get the VLAN-tagging working on the WAN, as well as MAC clone so now it does see the internet. 2. I am struggling with DHCP rules - in my current router I can assign reserved DHCP bits to various parts of my network - like my homeassistant, my plex, and my CCTV bits and bobs. These are all on the 192.168.0.x address range. PFSense DOES NOT let me reserve these bits of the DHCP if the range is 192.168.0.1-254 - how do I get around this? Option 1. 1. Move CCTVs to 192.168.2.x 2. Move server/home bits to 192.168.3.x 3. Leave the DHCP pool as it currently is - 192.168.0.x I dont know how I am supposed to set this so I can use WiFi to login to the CCTV bits, or the server bits - something about subnets but im really not sure I understand how I am supposed to set it. Option 2. 1. Set the DHCP reserved bits to a narrow bit that is not currently 'reserved' - the problem is my CCTVs are on the 200s, APs and routers are on the 10s, and a home bits are between 20-50s. Any help of what I should do?
On pfsense, unlike most linux/dnsmasq based routers, static leases cant be in a dhcp range. Basic workflow is to use lets say x.x.x.100-250 range (set in services->dhcp server) for dhcp and x.x.x.1-99 for static leases (so option 2). In either case you'll need to rearrange your network. Though ideally CCTV stuff should be on its own isolated vlan. Id also put router/ap managment on its own vlan if they allow it. Also also, if there is a chance you'll be setting up you own vpn, id suggest you move away from 192.168.0.x subnet to some higher ones (192.168.1xx.x or 10.x.x.x).
Thanks for that - ill move everything over - problem is, all my cameras have their own web settings in which the IP settings are, but ill just move them across. and the shelly's