Please Help Me Under Stand! What The Issue IS.
-
@chpalmer how do i get these packets to ya?
-
@lawrence1986 I assume you mean that for me from my suggestion of running a PCAP.
Just send a screen shot of the result.
If you are going to take photos with your cell phone please try not to make them full-size images -- even on my 24" screen those are very difficult to read at full size. Screenshots are super easy in Windows using the Snipping Tool (that's still a thing in 10, I think...). -
@rcoleman-netgate Can I just start this thing, stop it then just download the capture and send it to you? I haven't done this before because I didn't know what I was looking at
-
@lawrence1986 Run the capture and see if it even captures anything and we'll go from there. No need to make this more complicated.
-
@lawrence1986 It gave me a big, fat goose egg. I'm just going to snapshot some photos here so that way you can tell me if I'm doing it right.!
-
@lawrence1986 So, as I noted, that means your requests aren't even going to pfSense.
But I asked you to run
ipconfig /alland show us what your computer's settings are set to. If you're not calling pfSense for DNS (you could have it configured for that but your browser is using DNS over HTTPS or DoH) and that will not show up on UDP53.
Again I will comment that your photos are WAY BIG and hard to read. Please consider using Snipping Tool or another screen cap program instead of a cell phone camera.
-
@rcoleman-netgate i forgot! shit ok 1 min
-
@lawrence1986
Thank you - that image is much easier to read.Re-run the previous commands and the packet capture but this time make a few changes:
- Do not limit to UDP and port 53. Set to "any" and leave port blank.
- Change packet size from 100 to 0 (making it unlimited).
Start the capture right before you run your tests and attempts
after that stop the capture. It will attempt to capture ALL the data and that can get very big and unruly.After that is completed you can copy/paste the resulting text here -- it can be a lot of information but it's just a summary of detail and we can get the full pcap from you if needed afterwards.
-
@rcoleman-netgate redid it and I still have 0 packets..... just a white pages with nothing on it
-
@lawrence1986 Re-start the capture with the same settings and ping 10.0.10.1
- Does it respond?
- Does it appear in the capture when you stop it?
-
@lawrence1986 it's responding; it stops and starts but nothing appears in the capture.
-
@lawrence1986 How are you connected to the pfSense? What's your network layout and devices like?
-
@rcoleman-netgate im connect by gui. the network is simple just that modem to my pf box to my switch to my AP
-
@lawrence1986 No.
How do your devices connect? Ethernet? Wireless? What is the wireless you're using? What hardware are you running between there and the pf?
Here's an incomplete one of my own network:
-
@rcoleman-netgate My modem is a Motorola TM1602A MTA, my PFSense box is a Dell Optiplex 3010 with an Intel Dell X3959 Dual Port Gigabit Network Card and 8GB of RAM, and my switch is an HPE Office Connect 1420 8-port switch with no PoE. The WAP is a TP-Link Archer AX3000 how I'm connected is eth my wife as well my brothers both wifi
-
@lawrence1986 Plug directly into the switch, or better yet directly into the pfSense and see if it works to get on the website then
If so the issue isn't pfSense. It's your Archer (esp if you aren't using it in AP Mode but have it routing data) and your switch could be causing issues too.
I suspect you have a poorly configured Wireless.
Your PF is almost certainly NOT the issue.
-
@rcoleman-netgate its in AP mode in the router it labels it as WAP mode its funky like that
-
@lawrence1986 Plug directly into the interface on the pfSense. Remove all the extra hardware to confirm it is not causing issues.
When you pinged the 10.address and it didn't appear on the pfSense capture means that the pfSense isn't at that IP address. Something is in the way and causing all your trouble.
-
@rcoleman-netgate I guess I'm going back to an old router because I can get on red-dead when I connect my modem to the wife's PC, or when I connect the modem plus router, or when I use the modem plus router plus switch, but I can't get on red-dead when I connect my PFSense. I guess since there's nothing wrong with my PFSense, I must just have a huge, wild imagination and be seeing things. I must have been drunk for the past week.
-
@lawrence1986 If you're not willing to connect directly into the pfSense to run your test you can't eliminate the other hardware you have from being the issue.
After you've done that test re-run the DNS calls, the ping, the packet capture, etc. and let us know what you found.