Adding alias IP subnet to an interface or VLAN

The pfSense docs tell you to use the ‘alias’ option in the web interface, but this won’t work for routed (non-NAT) interfaces that require more than one subnet attached to them. To overcome this, I utilized this article:

http://doc.pfsense.org/multiple-subnets-one-interface-pfsense.pdf

In summary:

Log in to the webGUI and click Diagnostics -> Backup/Restore. Click the “Download configuration” button. Open the downloaded XML file in a text editor, like Notepad. Above the line, insert the following:

<shellcmd>ifconfig fxp0 inet 192.168.2.1 netmask 255.255.255.0 alias</shellcmd>

Replace fxp0 with the name of the interface you’re using, and set the IP and subnet mask as appropriate. You can find the name of the desired interface in the config file. For example, for LAN, see this portion of the config:

<interfaces> 
    <lan> 
        <if>fxp1</if>

This shows the LAN interface as fxp1.

In order to add the alias without rebooting the whole firewall, SSH into the box and issue the shellcmd command manually:

ifconfig fxp0 inet 192.168.2.1 netmask 255.255.255.0 alias

Then edit /conf/config.xml manually using vi so next time the router reboots you don’t lose the subnet.

I did lose a subnet once when changing or adding some interfaces through the GUI… so keep in mind when making interface changes that you may have to manually keep re-adding the subnets in the shell… I have not had an opportunity to find a workaround for this.
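
Because an alias can silently disappear after GUI interface changes, it helps to compare what config.xml declares against what is live. The following sh script is an added example, not part of the original post or of pfSense itself: it lists the `ifconfig ... alias` commands from `<shellcmd>` entries whose address is no longer on the interface. The function names, the second alias (192.168.3.1) and the sample ifconfig output are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): list alias commands declared in
# <shellcmd> entries of config.xml whose address is missing from the interface.

IFCONFIG=${IFCONFIG:-ifconfig}   # overridable so the check can be run offline

# Print "iface addr mask" for every <shellcmd>ifconfig ... alias</shellcmd> line.
list_declared_aliases() {
    sed -n 's|.*<shellcmd>ifconfig \([^ ]*\) inet \([0-9.]*\) netmask \([0-9.]*\) alias</shellcmd>.*|\1 \2 \3|p' "$1"
}

# Print the ifconfig command for each declared alias that is not currently set.
missing_aliases() {
    list_declared_aliases "$1" | while read -r iface addr mask; do
        # FreeBSD prints "inet ADDR netmask 0x..."; the trailing space keeps
        # 192.168.2.1 from matching 192.168.2.10.
        if ! $IFCONFIG "$iface" 2>/dev/null </dev/null | grep -qF "inet $addr "; then
            echo "ifconfig $iface inet $addr netmask $mask alias"
        fi
    done
}

# Constructed sample config: two declared aliases on fxp0.
sample_config() {
    cat <<'EOF'
    <shellcmd>ifconfig fxp0 inet 192.168.2.1 netmask 255.255.255.0 alias</shellcmd>
    <shellcmd>ifconfig fxp0 inet 192.168.3.1 netmask 255.255.255.0 alias</shellcmd>
EOF
}

# Constructed stand-in for `ifconfig fxp0`: only the first alias is present.
sample_ifconfig() {
    printf '\tinet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255\n'
    printf '\tinet 192.168.2.1 netmask 0xffffff00 broadcast 192.168.2.255\n'
}

# On the firewall: print what needs re-adding; review, then run those lines.
if [ -r /conf/config.xml ]; then
    missing_aliases /conf/config.xml
fi
```

Run it after any interface change made through the GUI; an empty result means every declared alias is still active.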
