Netgate Discussion Forum

    I have broken my network. WAN and LAN can reach the internet, 2nd LAN or VLANs cannot- ISSUE RESOLVED

      onyxmal1

      ISSUE HAS BEEN RESOLVED- LEAVE POST IN CASE SOMEONE ELSE HAS THE SAME PROBLEM IN THE FUTURE.

      I am at a loss. While trying another project I seem to have completely broken my network. Prior to messing around with crap, I had a functioning LAN, several VLANs, switches, and a server running. I actually thought I knew how to set up things in PFsense. I cannot figure out exactly how I broke it, so I just started over. The only thing that has not been reset to factory is the server (I am not introducing this back into the network until the network is up and running).

      Where I am right now. I have downloaded and installed a fresh ISO of PFsense, loaded it onto a PROTECTLI, reset the switches, and reset my network configurations on my laptop.

      Installed and set up PFsense:

      Normal installation with 2 interfaces: WAN and LAN and switch. This seems to work fine, switch and laptop both receive IP addresses and I can reach the internet (that's how I am here right now).

      IP Address Range 10.27.27.1/24

      Because I was having such issues with VLANs, I decided to just make another LAN on OPT2 (named NSFW). Setup was normal: created interface, assigned interface, enabled interface, set up DHCP with IP range, and set wide-open rules just to try to get it to work. Connect laptop, it receives an IP address within the set range (10.28.28.1/24). Ping 10.28.28.1, Good. Ping 10.27.27.1, Good. Ping 1.1.1.1, Good. Ping google.com, Failed.

      tracert to 1.1.1.1:

        1   371 ms     1 ms     1 ms  10.28.28.1
        2     2 ms     2 ms     1 ms  192.168.1.254
        3    22 ms    21 ms    23 ms  76.202.52.1
        4    22 ms    22 ms    22 ms  71.147.134.45
        5    25 ms    24 ms    24 ms  12.242.115.41
        6    25 ms    25 ms    25 ms  32.132.183.62
        7    26 ms    25 ms    26 ms  141.101.72.32
        8    26 ms    25 ms    25 ms  1.1.1.1

      I checked the NAT rules, they are set to automatic and include the 10.28.28.1 range.

      I did this same thing with a VLAN last night and had the exact same results.

      I used one of the Lawrence System tutorials to set everything back up, step by step, line by line.

      I DON'T KNOW WHAT ELSE TO DO!!!!!

      HELP!!!!

      Interfaces.jpg
      LAN_Interface.jpg
      LAN_Rules.jpg
      LAN_DHCP.jpg
      NSFW_Interface.jpg
      NSFW_DHCP.jpg
      NSFW_Rules.jpg
      WAN_Rules.jpg

        SteveITS Galactic Empire @onyxmal1

        @onyxmal1 said in I have broken my network. WAN and LAN can reach the internet, 2nd LAN or VLANs cannot:

        Ping 10.28.28.1, Good. Ping 10.27.27.1, Good. Ping 1.1.1.1, Good. Ping google.com, Failed.

        Could be a DNS error. Your rule on NSFW shows an open state. Try restarting the DNS Resolver. Check if Resolver is listening on All interfaces, in its config page.

        Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
        When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
        Upvote 👍 helpful posts!
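
The check suggested in this reply, as an added example that is not from the thread or any of its posters: it sends one DNS query straight to the NSFW gateway (10.28.28.1) and one to 1.1.1.1 over UDP/53, which separates a resolver that is not answering on the new interface from a routing or NAT fault. The function names and result labels are assumptions made for this example.

```python
import socket
import struct

def build_query(name, txid=0x1234):
    """Minimal DNS query for an A record (RFC 1035), recursion desired."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    parts = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in parts) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def parse_reply(data, txid=0x1234):
    """Reduce a DNS reply to 'answer', 'empty', 'rcode=N' or 'malformed'."""
    if len(data) < 12 or struct.unpack("!H", data[:2])[0] != txid:
        return "malformed"
    flags, _qdcount, ancount = struct.unpack("!HHH", data[2:8])
    rcode = flags & 0x000F
    if rcode:
        return f"rcode={rcode}"  # 2 = SERVFAIL, 5 = REFUSED
    return "answer" if ancount else "empty"

def probe(server, name="google.com", timeout=2.0):
    """Send one UDP/53 query to `server` and summarize what came back."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((server, 53))  # connected UDP surfaces ICMP port-unreachable
            s.send(build_query(name))
            return parse_reply(s.recv(512))
        except socket.timeout:
            return "timeout"
        except OSError:
            return "refused-or-unreachable"

def classify(firewall, public):
    """Map the two probe results onto the likely fault."""
    if firewall == "answer":
        return "dns-ok"
    if public == "answer":
        # Routing and NAT work; the resolver on the gateway does not answer here.
        return "firewall-resolver-not-answering"
    return "dns-blocked-or-no-upstream"

if __name__ == "__main__":
    # Addresses from the post: the NSFW gateway and the public resolver that answered pings.
    fw, pub = probe("10.28.28.1"), probe("1.1.1.1")
    print(f"10.28.28.1 -> {fw}; 1.1.1.1 -> {pub}; verdict: {classify(fw, pub)}")
```

A verdict of `firewall-resolver-not-answering` matches the symptoms in the original post (pings by IP succeed, names fail) and points at the DNS Resolver's interface settings rather than at firewall rules or NAT.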

          JKnott @onyxmal1

          @onyxmal1 said in I have broken my network. WAN and LAN can reach the internet, 2nd LAN or VLANs cannot:

          I DON'T KNOW WHAT ELSE TO DO!!!!!

          Other than the main LAN, interfaces require a firewall rule to allow them access to the Internet. Have you done that?

          PfSense running on Qotom mini PC
          i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
          UniFi AC-Lite access point

          I haven't lost my mind. It's around here...somewhere...

            onyxmal1 @SteveITS

            @SteveITS,

            I LOVE YOU.... I have spent over 18 hours working on this damn thing, to include messing with the DNS resolver settings but never restarted it after adding the LANs or VLANs.

              SteveITS Galactic Empire @onyxmal1

              @onyxmal1 Awwwww. :) It probably wasn't bound to the VLAN IP then.


                onyxmal1 @SteveITS

                @SteveITS

                I have literally been laying in the closet for 3 whole days. Factory resetting things, changing settings until it breaks, and starting over. Thank you so much!

                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.