No LAN internet
-
@marvosa said in No LAN internet:
@hoandco Since we don't have network map, it could be many things (NAT, switch config, misconfigured LAN interface, DNS, wrong default gateway selected, etc), but... I'd start by verifying basic IP communication with an any/any rule.
I will do a network map for you.
I will test one rule at a time to verify basic communication.
I am excited by this.
Thanks for the advice to date -
-
-
What subnets are you using there on each side? Is it a public IP on the WAN?
-
@stephenw10
Stephen
It is a static IP. Ppoe connection. It connects and works very well.
Leigh -
So, yes, the WAN side is a public IP? No way it can conflict with the LAN?
-
@stephenw10
I will send some screen shots of wan lan and nat setup a bit later -
@hoandco
The WAN has been connected but have to use another router to send this
-
@hoandco said in No LAN internet:
I have tried rules for Lan TCP/UDP lan.net ports any http 80 443 and 64.
Make sure that the last two rules with the red dot are present on your LAN interface :
as stated : took me years to find these two.
They work flawlessly.The first rule is auto generated, as it is an interface option. pfSense admins like me can very ignorant, so this rule saves me ones in a while.
Rule 2, 4 and 5 are deactivated.
Rule 3 : got that one from some one who told me to put it there. Dono why.Or keep the default LAN firewall rule that you would find on the LAN interface when you install pfSense. That one is also perfect.
( and not importing your config, as that would also import the bad config )What uses port 64 ??
edit : ah, ok, you already have the two perfect rules.
So, LAN interface rules is not the issue.
Your second rules LAN net to LAN net will never be used, as it's already covered by the first, anti lockout rule.Your LAN uses 192.168.55.1 /24 right ?
The device you've connected on the LAN has an IP like 192.168.55.x where x is in the 2->254 range ? Gateway and DNS is 92.168.55.1 on that device ? -
-
Ok, you appear to be using 192.168.55.0/24 as the LAN subnet.
The WAN is using a public IP outside of that I assume?
Please post a screenshot of Status > Interfaces. You can redact your WAN IP if you need to.
Your LAN firewall rules screenshot shows that traffic from the LAN is hitting the LAN interface and opening states.
Check you have a default route in Diag > Routes.
If you don't go to System > Routing > Gateways and save the PPPoE gateway as the default v4 gateway.Steve
-
Added to what steve said :
The device you use on the pfSense LAN, what is the IPv4 is uses ?
It must be something between 192.168.55.2 and 192.168.55.254.
The Gateway and DNS of that device should be 192.168.55.1 for both.If that device is a windows PC :
ipconfig /allBtw : My previous post was hours to late.
-
@stephenw10
update
wan ppoe set as default lan rules changed Also reloadedpfsense and set new ip address
pc connected with new ipv4 address and gateway
Status
IPV 4 routes
interface stats
WAN gateway - Why offline??
Gateways
-
Please check the screenshots. The ping test is working but no internet on lan when pc connected
-
Can't see anything suspect with your WAN setup.
But your latency is huge .... do you have a satellite connection or something like that ?
Or is this an old POTS 'modem' dail-up connection as has been see before 2000 ?
PING packets, send out regularly by pfSense to test the uplink (WAN) connection do all come back, but terrible slow. That will impact your overall 'Internet' performance.
-
@gertjan
Yes satellite modem 25 Mbps -
@gertjan
The speed is what we have at present. Can you tell me how to connect a pc to test the lan internet access? Basic question but the pc I log into the pfsense web configure cant connect to the internet. Google - not connected to internet.
Leigh -
@hoandco said in No LAN internet:
Can you tell me how to connect a pc to test the lan internet access?
You've already done what needs to be done :
Connect an Ethernet cable between LAN and your PC and you're ok.
'Better' would be : pfSense-LAN <=> switch <=> PC.
That's all it takes.Now : easy proof : use a browser on on your PC and visit http://192.168.55.1
The pfSense GUI pops up right away asking your to enter admin and the password.
This tells you the LAN part is ok.Now the WAN part :
Can you connect to the console of pfSense (or : easier : better : SSH, and use a SSH client like Putty ), and choose option 8 from the menu shown.
Then, on the command line :curl https://www.google.comYou should see this page coming back (html of course) :
<!doctype html><html itemscope="" itemtype="http://schema.org/WebPage" lang="fr"><head>..... ...... ...... </body></html>And check again your LAN setup (just to be sure) :
Btw : satellite : ok, in that case it would be preferable to use forwarding mode for the DNS Resolver.
I would check if '8.8.8.8' is a good solution, as you really gain some ms by chosing a DNS resolver as close a possible to your gateway. -
The gateway shows as offline because of the huge latency. You will need to tune the monitoring values to match your WAN in the advanced section of the gateway config.
But that would not stop LAN hosts using it. What you have setup there should work fine. How exactly are you testing it? Try to ping 8.8.8.8 from the PC on LAN. -
@stephenw10
Stephen
We have satellite broadband. As I showed in my network diagram.
How do you suggest I adjust this.
Leigh
