Netgate SG1100 Setup Assistance
-
The isp router is on 172.16.0.1 ip and the lan port is 172.16.10.1.
I can ping google DNS 8.8.8.8 but I can open any website.
-
What is the WAN IP of pfSense ?
See Status > InterfacesOn the same page : LAN details ?
On your PC : IP details ?
If it's a Windows PC : go to 'cmd' and executeipconfig /allDid it get an IP from pfSense ( see also Status > DHCP Leases )
The gateway is the LAN IP of pfSEnse ?
Same for DNS ?Did you add or change any DNS settings (normally, you shouldn't ) ?
-
The wan ip is the dhcp address given by the ISP router,.
Yes the PC is a windows PC and the IP address it got was one from the DHCP setup for the LAN port/
I have change and DNS settings. Only added the google DNS servers during the setup wizard,
-
Your LAN settings page should be :
( for now, set IPv6 configuration to "none" :
)System > Routing > Gateways
where my gateway shows "192.168.10.1", your should be "172.16.0.1".
The Monitoring IP should be a known upstream IP that you trust - or just blank or 'automatic'.@merrilr said in Netgate SG1100 Setup Assistance:
Only added the google DNS servers during the setup wizard,
Not really important now, but Netgate didn't ask you to add 8.8.8.8 - or any other IP for that matter. If that was needed, it would be there in the first place.
pfSense uses a resolver. It doesn't need any 8.8.8.8 or 1.1.1.1 or the ISP dns : it works all about of the box, nothing needed.
For some very special Internet connection, you need to enter DNS server IP. But again : not needed for the main 99,999 % of all cases.Go to : Diagnostics > DNS Lookup
and look up, for example, netflix.com
Did you get an answer ?
If ok, do the same thing on your PC :
'cmd'
and thennslookup netflix.comThe answer looks fine ?
Go here : Firewall > Rules > LAN
You have the perfect firewall rule :
-
I note you have a real IPv6 address and pfSense will try to use that by default if it can. If you don't actually have IPv6 connectivity that can cause problems.
Steve
-
S stephenw10 referenced this topic on
-
When I change IPv6 to none. I get the following error:
During the setup wizard it prompted for DNS IPs. Should I have left them blank.
Is it correct that my monitor ip is the same as the Gateway?
How do I delete the DGCP6 as I do not use it -
To put things easy : the DHCP6 (for IPv6) was handing out 'public' IPv6 on your LAN network.
For this to work, you have to have also a working IPv6 'uplink', on the pfSense WAN side.So, disable DHCP6 : un check :
and save,
then : go to Router advertisement, select disabled
and save.
Now you can disable IPv6 on the LAN interface - and the WAN interface.
Save.
Apply.
Reboot for good matters. -
First go to Services > DHCPv6 Server and RA and disable the DHCPv6 server on LAN.
-
@Gertjan I removed all the DHCPv6 entries and set the setting none where applicable.
I also removed the google DNS from the setup screen:
All is working now and I can browse the net.
Thank you so much for all the help and patience you had with me.
-
@merrilr said in Netgate SG1100 Setup Assistance:
I also removed the google DNS from the setup screen:
Ok.
But then :
this will put in place the (ISP) DNS severs you received when establishment the WAN connection.
This option exists also for historical reasons.
By default, this option is not checked neither - you (pfSense) doesn't need it.
Btw : I'm not saying it's 'wrong'. -
I do have that ticked.
I have connected my switch the firewall. And when assigned all to the port I can access the net, however when I assign one of the VLANS i do not have access to the net. I only have one firewall rule to allow all traffic. Is there something I could have done wrong when creating the VLANS or is the problem in the switch setup?
