NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

Zaphod-17's avatar
Zaphod-17
Tutor
Jun 25, 2024
Solved

Nighthawk CM2000, RAXE300, pfSense CE, XS712Tv2 12-Port 10G Managed Switch Setup

Bought the Nighthawk CM2000 and RAXE300 to replace Spectrum ISP gear needing to eliminate the double NAT as I never succeeded in direct connection of Spectrum modem to the pfSense router. Without the...
  • plemans's avatar
    plemans
    Jun 27, 2024

    I'd be more wondering if its an issue with pfsense and how its negotiating a public/private IP address setup from the ISP. 

    I've dabbled in a few aftermarket 3rd party software but never pfsense. They've been a bit more complicated and not as user friendly in my experience. And I didn't do it enough to be worth the time so went back to direct modem---router setups. So not much help but based on prior experience, I'd be on the pfsense forums asking assistance. 

FURRYe38's avatar
FURRYe38
Guru - Experienced User
Jul 01, 2024


Any Criticals, Errors or Warnings seen in the event logs needs to be reviewed and resolved by the ISP. Indicates a signal issue on the ISP line up to the modem.

Zaphod-17's avatar
Zaphod-17
Tutor
Jul 01, 2024

Will do! The coax cable runs outdoors along the walls to a splitter 4ft above ground utterly exposed to the elements. Running it indoors would probably help the signal.

In the weeds however with the RAXE300 router. Initially twas set as Access Point, but as pointed out above, doing so thwarted its purpose. IOT devices, Ring doorbells and whatnot need isolating VLANs as does the Guest Network.

The RAXE300 is connected to the 10GB NetGear XS712v2 Managed Switch by CAT8 cable to its 2.5Gbps WAN. It receives an IP address via redundant Windows Server DHCP which pre-dated the pfSense. As a router, RAXE300 maintains its own 192.168.1.0/24 DHCP routing for Wi-Fi devices. Even a computer wired to a RAXE300 ethernet port would also receive a 192.168.1.0 and ought not actual see the 172.16.0.0 network one would suppose.

So to further isolate first the IOT devices, VLAN capability is necessary for all these: the RAXE300 router, XS712v2 Managed Switch and pfSense Gateway. So of must needs the RAXE300 with full router capabilities.

One would expect the NetGear Managed Switch manual would be brim full of VLAN info but it is sorely lacking. More reading, more planning.