pFSense Beginner - How to Configure WAN
-
@rcoleman-netgate One SSD and that's all. One NIC with 4 ports and my humble goal was to just configure one as WAN and one as LAN and try to get it to work for an internet connection. That's it. Real simple. So far I have failed and probably won't work on it again until next weekend.
Thx, Chris -
@chrisan I would verify that you wrote 2.6-RELEASE to the flash drive (by writing it again) and giving it another run. There's no reason a new install should show 2.5.2 unless it failed to commit the write to a drive that it was already on. That said it could explain the factory reset not working if your SSD is switched to read-only mode.
-
@rcoleman-netgate Ryan, I have already installed it at least twice but I will try again just for grins. And I tend to agree, I think their is a write issue with the SSD.
-
@chrisan Tried again, twice. No success. Going to knock off for the evening. Thx for the help so far.
-
That sure reads like a bad SSD. I would expect to see a bunch of errors at boot and during the install though.
As a test you can probably install to another USB drive and then boot from that. I would not recommend doing that for anything but a test though.
Steve
-
Merry Christmas and happy holidays everyone!
I had a few moments today to dive back into my pFSense project. Here is where I am at:- Successfully installed V2.6
- Verified NIC ports using the autodetect option so I know I'm plugged in correctly
- Configured WAN to DHCP both V4 and 6
- Configured LAN to the default IP options
- Got into the webGUI and worked through the setup wizard until I got to the Setup Completed screen
- The last setup wizard screen presented some options like "take a survey." I couldn't connect on any of them. And couldn't connect on some popular websites like Yahoo that I tried. I tried to reset the cable modem a couple times with no luck.
My setup: Netgear Nighthawk cable modem ===> pFSense computer ===> desktop computer with a known good NIC. That's it nothing else.
Any thoughts would be appreciated. Thx
A couple shots from my work today:
-
Normally, you set the WAN to DHCP and the ISP provides all the details. I haven't had a manual config since I first got an Internet connection, back in the early 90s, when I used SLIP over a dial up modem.
BTW, you may want to use a newer version of pfSense. The current version is 2.6.0. Do an update when you get connected.
-
No need to hide RFC1918 addresses. They're irrelevant off your LAN.
-
My WAN is configured to DHCP. I'm already on version 2.6.0. I didn't really configure anything manually, just went with the defaults and then got into the webgui and went through the setup wizard.
-
@chrisan Here is the sequence that finally got my computer connected to the web:
- Reset Net gearCM1100 modem by pulling power and waiting 30 seconds or so, plug back in.
- Plug WAN cable into pFSense box
- Hit option 4 to "reset to factory derfaults" and reboot pFSense
Chris
-
@jknott In this case it might actually be the PROBLEM.
If the modem is giving the same subnet as their LAN they will lose GUI access.
Ryan
Repeat, after me: MESH IS THE DEVIL! MESH IS THE DEVIL!
Requesting firmware for your Netgate device? https://go.netgate.com
Switching: Mikrotik, Netgear, Extreme
Wireless: Aruba, Ubiquiti -
@chrisan Makes sense. I suspect you have a public IP now.
The Netgear Cable Modems (CMs) are known to give a private (RFC1918 or 192.168.100.x) address before they negotiate with the upstream service. And the lease they give to pfSense is short (like 1-5 minutes) to force a refresh and reassignment.
It's annoying but ... better than nothing.
Ryan
Repeat, after me: MESH IS THE DEVIL! MESH IS THE DEVIL!
Requesting firmware for your Netgate device? https://go.netgate.com
Switching: Mikrotik, Netgear, Extreme
Wireless: Aruba, Ubiquiti -
@rcoleman-netgate said in pFSense Beginner - How to Configure WAN:
If the modem is giving the same subnet as their LAN they will lose GUI access.
????
The DHCP server determines the LAN address. Where are you trying to access the GUI from? You normally access it from the LAN, which means pfSense should have an address within the same subnet as the LAN and the WAN side should have a completely different subnet. Also, you might want to put the modem into bridge mode.
Lets start from the beginning.
You normally configure the WAN side of pfSense to use DHCP. DHCP provides the subnet and addresses to devices, in this case pfSense.
PfSense in turn provides the subnet and addresses to devices on your LAN.
The LAN and WAN must have different subnets.BTW, you may want to configure your modem for bridge mode.
-
@jknott said in pFSense Beginner - How to Configure WAN:
????
The DHCP server determines the LAN address. Where are you trying to access the GUI from? You normally access it from the LAN, which means pfSense should have an address within the same subnet as the LAN and the WAN side should have a completely different subnet. Also, you might want to put the modem into bridge mode.If your WAN is handing out 192.168.1.x and your LAN is set to 192.168.1.x you will have issues.
Ryan
Repeat, after me: MESH IS THE DEVIL! MESH IS THE DEVIL!
Requesting firmware for your Netgate device? https://go.netgate.com
Switching: Mikrotik, Netgear, Extreme
Wireless: Aruba, Ubiquiti -
@rcoleman-netgate said in pFSense Beginner - How to Configure WAN:
It's annoying but ... better than nothing.
Would the reject leases option help here?
-
Yes. But if you have your LAN on the same network as the CM management IP it won't let you use the CM's static route to that.
Ryan
Repeat, after me: MESH IS THE DEVIL! MESH IS THE DEVIL!
Requesting firmware for your Netgate device? https://go.netgate.com
Switching: Mikrotik, Netgear, Extreme
Wireless: Aruba, Ubiquiti -
@rcoleman-netgate said in pFSense Beginner - How to Configure WAN:
If your WAN is handing out 192.168.1.x and your LAN is set to 192.168.1.x you will have issues.
If you know the modem is handing out that subnet, why are you setting the LAN to the same subnet? You are creating a situation that cannot work. You have the rest of 192.168.0.0/16, plus all of 172.16.0.0/20 and 10.0.0.0/8 to choose from.
-
Once again, why are you setting the LAN to the same subnet as what the modem is providing? That cannot and will not work. Pick a different subnet for your LAN>
-
@jknott said in pFSense Beginner - How to Configure WAN:
Once again, why are you setting the LAN to the same subnet as what the modem is providing? That cannot and will not work. Pick a different subnet for your LAN>
If someone CAN do something you better believe that they're going to come to TAC with that problem.
-
@rcoleman-netgate said in pFSense Beginner - How to Configure WAN:
@jknott said in pFSense Beginner - How to Configure WAN:
Once again, why are you setting the LAN to the same subnet as what the modem is providing? That cannot and will not work. Pick a different subnet for your LAN>
If someone CAN do something you better believe that they're going to come to TAC with that problem.
The problem that I posted was that I couldn't access the internet through my pFSense box and that I needed some help configuring the WAN. I believe I also stated pFSense was new to me. I'm no expert by any means, not even close. Anyway, pFSense is now retrieving the appropriate subnet from the modem and at least this portion of my project is completed and working. Thx.
