[solved] 2.7.0.a.20230510.0600 diag/ping only works by selecting WAN-address
-
I am somewhat unintentionally on 2.7 on my first VPS install of pfSense because I had problems upgrading from 2.6 to Plus... so I tried 2.7.
Anyways I noticed that for example ping from pfSense wouldn't work to a public IP-address unless I specify the WAN-address manually.
Of note is that this VPS only has one NIC, which is WAN, and a wireguard interface, which is LAN.
In Diagnostics/Routes the default destination is the gateway on WAN.
But on WAN "Use non-local gateway" has to be checked because of the VPS-provider. So maybe there is the cause?Also DNS-lookup of an IP-address is not working for me on that VPS install.
-
Your interface layout is probably preventing it from using automatic outbound NAT rules for traffic from the firewall itself (e.g. localhost)
Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!
Need help fast? Netgate Global Support!
Do not Chat/PM for help!
-
@jimp Outbound NAT is looking good.
For the DNS Lookup it helped that I specified the Gateway for the DNS-Servers in System/General Setup. I am not using unbound or the other one locally.
Ping problem (with auto) still persists. Also the update check mostly fails.
-
I noticed that IPv6 wasn't working anymore and that the gateway had "v6" at the end in the name. I deleted it and created a new one, where ich wrote the V upper case. Lets hope this will last longer.
After a reboot IPv6 is lost again, looks like that server is doomed.
-
Today I installed 2.6 and I noticed some differences. I tried to upgrade this install but I am probably hitting some rate limits. Anyway, first difference, on the first page that is displayed after installation, there was the gateway set like I did before on the console, with 2.7 the non-local gateway was missing. Second difference, DHCPv6 on WAN is working with 2.6, wasn't with 2.7.
Now I hope everything still work when I am able to do the double upgrade to 23.05. -
@bob-dig I did the upgrade to 23.01 and 23.05 RC on that (low RAM VMWare) VPS. IPv6 on WAN wasn't working with DHCP. I changed the settings to static IPv6 but after that, the connection on its IPv4-address was lost, even after a reboot. So I had to roll back the config change via console and disabled IPv6 completely.
And still some routing is not correct e.g. not using the default gateway.
-
@bob-dig said in 2.7.0.a.20230510.0600 diag/ping only works by selecting WAN-address:
And still some routing is not correct e.g. not using the default gateway.
Or better, the firewall itself is not always using the default gateway. If I do the ping test with IPv4, it will work for every manually selected interface other than "WAN IPv6 Link-Local" (and Automatic).
-
B Bob.Dig referenced this topic on
-
Re: 2.7.0.a.20230510.0600 diag/ping only works by selecting WAN-address
I installed from scratch again (fifth time) but problem came back again. I can't install anymore packages, the "list" is just empty. And I can't install patches either.
I am getting tired with 23.05-RELEASE and probably will just cancel that VPS.
Or take a look at the other side...
[Marked solved because I have to switch, this VPS from IONOS will not run with pfSense Plus]
