Super Confused - LAN Gateway

Jarhead

@bearhntr
Listen, you wanna keep trying what you are now, go for it. But you're being foolish.
Just connect the wan of vm to your existing lan and be done with it.
You can then add a rule on the vm wan to allow access through it for configuring it if you need to.

From orig pfSense, can you ping the new vm pfSense 10.9.28.254?

bearhntr

@chpalmer

This is from my home PC (192.168.10.xxx) -

Jarhead

@bearhntr
Try from pfSense.

If it's no good, it's not connected properly.

bearhntr

@jarhead

Jarhead

@bearhntr
So fix the connection before anything else.
Layer 1 problem.

bearhntr

This is what I do not understand....

from PF2 -- (which is 10.9.28.254/24)

chpalmer

@bearhntr I would make the OPT1 Net the source.. on your PF1 firewall rules page.. Probably just me though..

chpalmer

Set your 10.9.28.11 statically and set its gateway to .250.. you will then be able to get to the internet with that machine if your first pf is working correctly.

Once you get there then you can tear your hair out on making your pf2 LAN port into another WAN port.

chpalmer

Can you also show this page from pf2?

/system_gateways.php

Jarhead

@bearhntr said in Super Confused - LAN Gateway:

This is what I do not understand....

from PF2 -- (which is 10.9.28.254/24)

They're not connected.
Are you using a virtual switch?
How are you connecting the two routers?
Is the pc you were connecting to the VM a physical machine? If so, disconnect it and use that cable to connect to OPT on router 1. Does it ping that way?

bearhntr

@chpalmer said in Super Confused - LAN Gateway:

@bearhntr I would make the OPT1 Net the source.. on your PF1 firewall rules page.. Probably just me though..

Tried this -- did no good. Still cannot ping PF2 from PF1 and vice versa using pfSense.

bearhntr

@chpalmer said in Super Confused - LAN Gateway:

Can you also show this page from pf2?

/system_gateways.php

Please explain how to do this. The image above in WHITE is from PF2 >> STATUS >> GATEWAYS.

I went to the SHELL, and I do not see the file you mention.

Jarhead

@bearhntr Just do this.
Make the OPT 10.10.1.1/30
Make the VM WAN 10.10.1.2/30
Connect the two. Make sure to uncheck block private networks on VM WAN.
You'll now have internet on the VM.
You can allow the original LAN through the VM firewall if you want or just configure it from the VM LAN.

bearhntr

@jarhead

The PF1 (192.168.10.254/24) is an HP T620+ ThinClient with a 2-port NIC installed in the expansion slot. The built in NIC is used for OPT1, and the port 0 on the 2-port card is WAN to my cable modem, port 1 is LAN to my Wireless AP (Netgear ORBI).

The PF2 (will be 10.9.28.254/24) is the new one on the Proxmox. There are 5 ports on this box (on-board NIC is the console port for Proxmox and is set to 192.168.10.250/24 (this will change once I get 10.9.28.xxx/24 working) and connects to one port on the ORBI. The 4-port card in the PCIe slot is as follows:

*port 0 = (to be the new WAN - is vmbr1 (Linux Virtual Bridge) to this port {I have another posting to see if this should be virtualized or or IOMMU PCI port into pfSense VM.

port 1= (is to be the new LAN - is vmbr2 (Linux Virtual Bridge) to this port.*

That leaves me with 2 ports not in use.

From the LAN port on the Proxmox - I have a cable plugged into a hub, in turn from there another cable in to the OPT1 port on the PF1 box (which is static 10.9.28.250/24) - have even tried a cable directly from OPT1 to PF2-LAN made no difference. I put the HUB there in case I wanted to plug a laptop in there to test as well. When I get his working - the HP T620+ will be OFF and stored incase I need a replacement some day.

See if this helps:

bearhntr

I am wondering if I have a bad or crazed network card.

I am getting tons of these in the Proxmox SHELL - running 'dmesg'

[ 1248.474520] pcieport 0000:00:1d.0: AER: Multiple Corrected error received: 0000:00:1d.0
[ 1248.524181] pcieport 0000:00:1d.0: PCIe Bus Error: severity=Corrected, type=Physical Layer, (Receiver ID)
[ 1248.524207] pcieport 0000:00:1d.0:   device [8086:a118] error status/mask=00002001/00002000
[ 1248.524231] pcieport 0000:00:1d.0:    [ 0] RxErr                 
[ 1248.667371] pcieport 0000:00:1d.0: AER: Multiple Corrected error received: 0000:00:1d.0
[ 1248.691962] pcieport 0000:00:1d.0: PCIe Bus Error: severity=Corrected, type=Physical Layer, (Receiver ID)
[ 1248.691989] pcieport 0000:00:1d.0:   device [8086:a118] error status/mask=00000001/00002000
[ 1248.692011] pcieport 0000:00:1d.0:    [ 0] RxErr                 
[ 1252.456633] pcieport 0000:00:1d.0: AER: Multiple Corrected error received: 0000:00:1d.0
[ 1252.456677] pcieport 0000:00:1d.0: PCIe Bus Error: severity=Corrected, type=Physical Layer, (Receiver ID)
[ 1252.456703] pcieport 0000:00:1d.0:   device [8086:a118] error status/mask=00002001/00002000
[ 1252.456725] pcieport 0000:00:1d.0:    [ 0] RxErr                 
[ 1260.319756] tg3 0000:01:00.1 enp1s0f1: Link is down
[ 1260.319878] vmbr2: port 1(enp1s0f1) entered disabled state
[ 1299.343586] pcieport 0000:00:1d.0: AER: Multiple Corrected error received: 0000:00:1d.0
[ 1299.392764] pcieport 0000:00:1d.0: PCIe Bus Error: severity=Corrected, type=Physical Layer, (Receiver ID)
[ 1299.392790] pcieport 0000:00:1d.0:   device [8086:a118] error status/mask=00002001/00002000
[ 1299.392814] pcieport 0000:00:1d.0:    [ 0] RxErr                 
[ 1299.486874] pcieport 0000:00:1d.0: AER: Multiple Corrected error received: 0000:00:1d.0
[ 1299.535945] pcieport 0000:00:1d.0: PCIe Bus Error: severity=Corrected, type=Physical Layer, (Receiver ID)
[ 1299.535970] pcieport 0000:00:1d.0:   device [8086:a118] error status/mask=00002001/00002000
[ 1299.535994] pcieport 0000:00:1d.0:    [ 0] RxErr                 
[ 1373.798280] pcieport 0000:00:1d.0: AER: Multiple Corrected error received: 0000:00:1d.0
[ 1373.822409] pcieport 0000:00:1d.0: PCIe Bus Error: severity=Corrected, type=Physical Layer, (Receiver ID)
[ 1373.822435] pcieport 0000:00:1d.0:   device [8086:a118] error status/mask=00000001/00002000
[ 1373.822458] pcieport 0000:00:1d.0:    [ 0] RxErr                 
[ 1376.440381] pcieport 0000:00:1d.0: AER: Multiple Corrected error received: 0000:00:1d.0
[ 1376.489879] pcieport 0000:00:1d.0: PCIe Bus Error: severity=Corrected, type=Physical Layer, (Receiver ID)
[ 1376.489905] pcieport 0000:00:1d.0:   device [8086:a118] error status/mask=00002001/00002000
[ 1376.489928] pcieport 0000:00:1d.0:    [ 0] RxErr

bearhntr

This post is deleted!

bearhntr

This post is deleted!

bearhntr

@jarhead said in Super Confused - LAN Gateway:

@bearhntr Just do this.
Make the OPT 10.10.1.1/30
Make the VM WAN 10.10.1.2/30
Connect the two. Make sure to uncheck block private networks on VM WAN.
You'll now have internet on the VM.
You can allow the original LAN through the VM firewall if you want or just configure it from the VM LAN.

I did as you suggested -- not only is the Web Interface even slower now -- I also get this when I go to PF1 and ping PF2 (WAN Address)

Jarhead

@bearhntr
So, again, they aren't connected. Fix that first.

Set a pc to 10.10.1.2/30, connect it to the OPT port, can you ping 10.10.1.1?

Then set that pc to 10.10.1.1/30 and connect it to the VM WAN. Can you ping it 10.10.1.2?

bearhntr

@jarhead

I have reset the network on the Win7-VM and rebooted - it is pulling a DHCP Address from the PF2 - but still has no INTERNET.

the RULES for OPT1 (on the PF1)

From PF2 (VM) --- WAN

From PF2 (VM) --- LAN

FIREWALL - PF2