Categories

• TNSR

  Discussions about TNSR

  TNSR Announcements TNSR Feedback Problems Installing or Upgrading TNSR Software
  434
  Topics
  1.4k
  Posts

  R

  @gigabitguru Pro tip - if you have an active tnsr software sub you should open a ticket. You can see, from the parent category, that there's not a lot of tnsr activity over here.

  I am not someone that can help you out -- but simply directing you to TAC if you need/want more responsive suggestions.

  Cheers.

• pfSense® Software

  Discussions about pfSense Software, click a category below

  Messages from the pfSense Team General pfSense Questions Multi-Instance Management Problems Installing or Upgrading pfSense Software Firewalling NAT HA/CARP/VIPs L2/Switching/VLANs Routing and Multi WAN Traffic Shaping DHCP and DNS IPv6 IPsec OpenVPN Captive Portal webGUI Wireless SNMP Documentation Development Gaming Virtualization Hardware Bounties Retired
  119.4k
  Topics
  755.7k
  Posts

  N

  @stephenw10 said in Connectivity lost after clearing ARP table:

  Hmm, interesting. So you actually see that address shown as current in the dhcp leases after reconnecting? But it's not in the arp table?

  If you try to ping out from pfSense to 10.1.1.100 does that re-create the arp table entry?

  ping -c5 10.1.1.100 before clearing arp table is successful as you can see below:

  [2.8.0-BETA][admin@pfSense.home.arpa]/: ping -c5 10.1.1.100 PING 10.1.1.100 (10.1.1.100): 56 data bytes 64 bytes from 10.1.1.100: icmp_seq=0 ttl=64 time=3.432 ms 64 bytes from 10.1.1.100: icmp_seq=1 ttl=64 time=1.838 ms 64 bytes from 10.1.1.100: icmp_seq=2 ttl=64 time=1.840 ms 64 bytes from 10.1.1.100: icmp_seq=3 ttl=64 time=1.898 ms 64 bytes from 10.1.1.100: icmp_seq=4 ttl=64 time=79.029 ms --- 10.1.1.100 ping statistics --- 5 packets transmitted, 5 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 1.838/17.607/79.029/30.717 ms [2.8.0-BETA][admin@pfSense.home.arpa]/:

  Executing ping -c5 10.1.1.100 after cleanup does not recreate arp entry and there is no response.

  [2.8.0-BETA][admin@pfSense.home.arpa]/: ping -c5 10.1.1.100 PING 10.1.1.100 (10.1.1.100): 56 data bytes ping: sendto: Invalid argument ping: sendto: Invalid argument ping: sendto: Invalid argument ping: sendto: Invalid argument ping: sendto: Invalid argument --- 10.1.1.100 ping statistics --- 5 packets transmitted, 0 packets received, 100.0% packet loss [2.8.0-BETA][admin@pfSense.home.arpa]/:

  And again, restarting dhcp server brings everything back to life.

  The dhcp lease is odd because that implies pfSense has sent some traffic to the client and must have known the MAC to do so. 🤔

  Ok. Im currently connected to vlan 55 network and everything is working fine.

  I executed arp -a |grep 10.1.1.100 and my pc address is clearly showing up in arp table as you can see below:

  [2.8.0-BETA][admin@pfSense.home.arpa]/: arp -a |grep 10.1.1.100 ? (10.1.1.100) at mac_address on igb5.55 permanent [vlan] [2.8.0-BETA][admin@pfSense.home.arpa]/:

  Then i log into pfsense web gui and perform arp clean and i immediately lose all connectivity. I then go to my switch, pull out the network cable and plug it into a port that has vlan 75 (management vlan) assigned to it, and now im able to access web gui and connect via ssh.

  Once logged into a console, i executed arp -a |grep 10.1.1.100 and i got no search results for my ip as you can see below:

  [2.8.0-BETA][admin@pfSense.home.arpa]/: arp -a |grep 10.1.1.100 [2.8.0-BETA][admin@pfSense.home.arpa]/:

  Just to make sure that im receiving ip address from pfsense dhcp, i plug my cable back into a vlan 55 tagged port without resetting any services, and i receive ip address, but there is no connectivity at all. Then i execute arp -a 10.1.1.100 just to make sure that ip address is not there, and sure enough, its missing as you can see below:

  [2.8.0-BETA][admin@pfSense.home.arpa]/: arp -a | grep 10.1.1.100 [2.8.0-BETA][admin@pfSense.home.arpa]/:

  Now i go back to my switch again, i disconnect the cable from vlan 55 network, and plug it back into my vlan 75 management network. Then i connect to pfsense via web gui and restart dhcp service. I reconnect my cable back to my vlan 55 network and all connectivity is restored. Of course, executing arp -a |grep 10.1.1.100 produces this output again.

  [2.8.0-BETA][admin@pfSense.home.arpa]/: arp -a |grep 10.1.1.100 ? (10.1.1.100) at mac_address on igb5.55 permanent [vlan] [2.8.0-BETA][admin@pfSense.home.arpa]/:

  Is there any reason you are using static ARP entries?

  For security reasons.

  However, connection still hangs with or without static arp entires. It makes no difference at all.

• pfSense Packages

  Discussions about pfSense software packages

  Cache/Proxy IDS/IPS Traffic Monitoring pfBlockerNG UPS Tools ACME FRR Tailscale WireGuard
  20.1k
  Topics
  126.7k
  Posts

  M

  I think pfSense has bugs. I uninstall pfBlockerNG and install the pfBlockerNG-devel and I still have the same problems.
  Furthermore, I add manually list to permit the specific IPs of starlink...
  49526da4-6011-45e1-85ef-53b9af36df86-image.png
  .... the rules are in the top of list in Floating rules but pfSense ignore it
  58af0305-9903-43cd-961b-a7abe09591b2-image.png
  d93b1fca-8743-43af-8ce6-c3d78cdb973e-image.png

  I added manually the specific IPs in floating rules. Tomorrow, I will check if this tricks works.
  fdc341b3-36f9-4638-bd37-f10ac905b1e7-image.png

  Also, I disabled cron in pfBlogerNG and it is still running ! How to fix this bug?
  8ac5d95d-17bb-4515-9b2e-31bbb9f53b0b-image.png
  92a41c31-b461-4a70-aec7-689e40c891da-image.png

• pfSense International Support

  Discuss pfSense in other languages

  Chinese Deutsch Español Français Indonesian Italiano Russian Nederlands Norwegian Portuguese Polish Romanian Swedish Turkish
  42.5k
  Topics
  266.6k
  Posts

  D

  Boa tarde pessoal, tudo bem?
  Hoje eu utilizo o pfsense virtualizado no Hyper-V, utilizo VLANS em outras VMs e também em minha rede local.
  Precisei configurar via PowerShell para a VM do Firewall ficar como Tagged e passar as VLANS que irei utilizar, porém não passa nenhum tráfego quando eu conecto o cabo do servidor para a minha LAN.
  No Servidor, hoje existe 2 interfaces ativas, 1 LAN e outra que entra a WAN, criei um vSwitch para cada uma delas e anexei no pfsense.
  1497e528-0375-456a-9f8c-409fc1a9c81d-image.png

  344c3095-8e04-4faa-ade1-c43a64d2c6e4-image.png

  269e9ea0-4b4d-4410-b116-a5939917ecb2-image.png

  A interface LAN, tem IP FIXO
  7303ed7f-b40c-4b81-9ad9-42fcb969bee4-image.png

  Essa é a VM do firewall
  153f3b23-e721-4a15-9576-7822863879fe-image.png

  Configurei as VLANS direto pelas interfaces.

  Nas VMS o tráfego funciona corretamente, mas passando para rede física, não.

• Official Netgate® Hardware

  Information about hardware available from Netgate

  2.5k
  Topics
  20.0k
  Posts

  J

  Has this been be added as a redmine so it can be merged ? This fix should be used to mitigate the high risk of failure.

• Netgate Announcements

  Information about hardware available from Netgate

  44
  Topics
  211
  Posts

  A

  It looks like unified web management could be coming soon. It would be great if it means easier control and management of all web services in one place. Let's see if any companies announce more details about it!

• Off-Topic & Non-Support Discussion

  Feel free to talk about anything and everything here

  Forum Feedback Community Job Board
  3.5k
  Topics
  18.7k
  Posts

  M

  now blocking DOH also.

  6499b3e2-5591-4b9f-a72e-55b00b31479c-image.png