PfSense is unreachable after install
-
-
@mathomas3 192.168.1.1 is the existing router that is pingable from existing machines... ie the old router is still on the network... I am using a dummy USB router for this test build
-
Mmm, OK that looks fine.
The ping there shows no response not 'host is down' which implies it is responding to ARP.
The client at 192.168.1.1 may be blocking those ping requests.
You should be able to ping 192.168.1.2 from the client though. Assuming the client has the correct subnet configured.
-
@stephenw10 included in this screenshot is a ping from my computer to both the old and new routers, and from the old router to the new... I did change the IP of the router to a .3(Found out that .2 is for smart switch)
-
Hmm, well host unreachable implies it isn't responding to ARP. So that's something low level like a bad cable or a bad port somewhere.
-
@stephenw10 I was thinking this too that hardware might be an issue... that's why I loaded up Mint to validate everything and it worked fine...
Dont know what's going on
-
@mathomas3 so pfsense ip is 192.168.1.3? and your router is 192.168.1.1.. If pfsense does not show an arp entry for 192.168.1.1 then no you would never be able to ping it..
How exactly are you access pfsense gui via your screenshot - and it can't even ping itself?
What IPs are what exactly? And where are you accessing the gui from?
-
I was assuming the old router is also pfSense.
-
@stephenw10 correct... my old router is PfSense... and the new one is just with newer hardware(none failing hardware)...
the old hardware is 192.168.1.1 and the new hardware is currently at 192.168.1.13
everything(except 192.168.1.3) can ping 192.168.1.1 but nothing can ping to/from 192.168.1.3
How can I identify the NIC within the software... I can boot to Mint if needed... but the bios only provided a MAC address for the NIC atm...
-
@mathomas3 The whole reason for this change is that the USB modem falls offline after continues load... feels like the chipset is failing with the continued power draw of this modem...
I am hoping that this new board can cope with the power draw of it...
-
@mathomas3 said in PfSense is unreachable after install:
How can I identify the NIC within the software...
Identify it how?
At the console drop to the command line (option 8) and run:
ifconfig -vm em0That will show you the MAC address and the link status. Unplug the NIC and re-run it. Make sure the link state has changed.
-
@stephenw10 I was able to get into the console and validated that media was connected and disconnected when I pulled the cable... just for grins I tried pinging google.com and it worked(dummy modem is still active strangely)
after disconnecting the WAN connection I tried pinging google again and it failed
Another thing that I tried (due to the managed switch that I have) I cleared all of the stats for this net router and tried to generate traffic by pinging from it and trying to access the web interface... this is what I got... Port 3 is what it's connected on
If im reading that right... data is being sent To the router but nothing is coming backI also tried a different known good cat5 and im still getting the same results
Nothing makes sense here
-
@mathomas3 Im going to have to rerun the Mint test... it could have been using the WAN port to access the net... to validate the NIC isnt damaged
-
Ok... hardware and setup confirmed to be working... the only issue here is PfSense...
I just booted into mint and confirmed that I was able to access the internet and also ping the current router...
What could be the issue here everyone? hardware is confirmed to be working... I have installed pfsense a number of times and the basic setup of this system(which I have done a number of times) isnt working...
-
anyone have a clue here? I think that I have tried everything on my end to resolve user error/hardware errors
is there someone more technical that can provide assistance?
could the builtin firewall be blocking traffic? How would one determine this?
-
@mathomas3 said in PfSense is unreachable after install:
could the builtin firewall be blocking traffic? How would one determine this?
Firewalls don't block ARP that I have ever seen..
If pfsense can not arp for 192.168.1.1, then it would never be able to ping it. Look in your pfsense arp table..
Do a packet capture on pfsense, do you see it send arp - do you not get an answer?
This old router at 192.168.1.1 - how exactly is it connected? Could you put up a drawing of how pfsense and this old router are connected.. Is pfsense lan interface directly connected to a lan port of this old router? Is there some other switch between them?
When you ping from this 1.232 IP with mint, is that actually running on the same hardware your installing pfsense too? Is that some other box?
That mint box is showing en01, while pfsense is showing em1 - en01 is normally a embedded nic, that is like on the soc, while em01 would be a actual card in the device and not the soc interface.
-
Make sure the em0 MAC address shown in pfSense matches that shown in Mint.
Seems very unlikely it wouldn't though since we could see it correctly showing the link change in pfSense when you physically disconnected it.
Try running
ifconfig -vvvm em0. Make sure you don't have some obscure hardware offloading value enabled.
I've never seen that on an em NIC but...Steve
-
@stephenw10 @johnpoz I hope this finds you well... Sorry for the long delay... I was a bit frustrated with the thing so I decided to take a little time off... I have read all of your comments and I hope that I answered them all well... Things have not changed at all... So to try and bring everything up to speed...
I have two pfsenses on my network both connected via ethernet cables that run through a switch(that's how they should be able to communicate with each other and any computer be able to ping either device) and both using a usb hotspot as the WANI cant speak as to why mint and pfsense show different em1 vs em01... This system is a very small computer that would be used for a register or a very low powered display... clearly not a workstation so everything should be SOC
Problem. the LAN port doesnt work when running pfsense but works running mint
NewBox(things I have tried) 192.168.1.3
reset and ensured IP settings are correct
reinstalled the os and reset IP settings a number of times
I have validated wiring and hardware by booting into Mint and pulling an IP and pinging the OldBox(192.168.1.1)
I have setup an isolated network just for NewBox using separate hardware (newbox, switch, WAN modem, and a PC) NewBox wasnt pinging(even when DHCP was setup on it) nor offered DHCP leases.. manually set the IP on PC and still nothing
Booted NewBox using Mint which pulls an IP from OldBox and is pingable
Validated the MACs match when booted into PfSense or MintFresh Menu Pic
NewBox Ifconfig
Below are the results of ifconfig --vvvm em0
NewBox ifconfig
Ping to both New and Old from a different computer
OldBox showing an ARP only when using Mint on NewBox
build layout with the small scale test that I mentioned with the Old currently serving out DHCP leases
-
Here is a screen grab from my switch... I cleared stats and let it site for about 30 seconds and this what I got... NewBox is connected to port 3
This was about 3 mins later and after doing a port scan of 192.168.1.3 which yielded zero open ports
-
So when you're in the 'Test' configuration if you set the PC to DHCP it doesn't pull a IP address?
When if you connect the PC to the New pfSense LAN directly without a switch?
