LAN Traffic Problem
-
@sergio77
So the ping works from pfSense WAN, but not from LAN. This almost indicates that the outbound NAT doesn't work properly.
However, there is an automatic rule in place for the LAN network.
Did you try to reboot pfSense?Is pfSense installed in a VM? If so, which hypervisor?
-
@viragomann updated and rebooted yesterday...
Yes, It's a virtual server on Esxi 6.7.0 Update 3 (Build 17167734).
-
@sergio77
There should be nothing special on ESXi, as long as you're not running an HA system with CARP.To investigate if the outbound NAT is working properly run a packet capture on the WAN interface, while you ping a public IP from a LAN device.
You should see packets going out from the WAN address. -
@viragomann I did the test, but my capture log is empty...
-
@sergio77
In the host box enter the destination IP you“re pinging not a source. -
@viragomann nothing is changed :-(
-
@sergio77
Maybe nothing from the VM is coming to pfSense?
Check that out by capturing ICMP packets on the LAN interface, while you try to ping a public IP on the VM.If there is also nothing you're VM may use a different gateway, not pfSense LAN IP, or there is something wrong with the ESXi network.
-
@viragomann This is the result...
-
@sergio77
Did you specify an gateway IP address in the LAN interface settings? If so remove it, please. -
@viragomann It doesn't seem...
-
@viragomann another screen from LAN Server...
-
@sergio77
Yes, the VM might be okay. The upstream packets are arriving on pfSense LAN and you might see also the ICMP packets as passed in the firewall log.
Can't understand, why there is nothing on the WAN.Do you have a basic interface configuration on pfSense, no CARP?
Did you the ESXi configuration accordingly to the pfSense docs: Virtualizing pfSense with VMware vSphere / ESXi
-
@sergio77 check your firewall rule on lan interface allow all lan traffic for protocol any and ipv4 is available?