frustrating installation issue
-
Hi all,
I've installed the product onto this hardware a mini PC with two 1 Gbit onboard NICs.
Manufacturer MiniX
Intel(R) Atom(TM) CPU D2550 @ 1.86GHz
4 CPUs: 1 package(s) x 2 core(s) x 2 hardware threads
4GB DDR3 Memory
120GB SATA diskNow pfsense installs fine and I go through the install wizard ok. I want it to replace my ISP router and I have fibre to the premises in the UK so I s.et my WAN side up as pppoe with the relevant credentials.
With my LAN address I see traffic on the LAN and the graphs also show a healthy amount of inbound and outbound traffic. However the WAN just shows inbound but no outbound. The WAN states its connected but the interface graph shows 100% loss.
I have checked the firewall rules to see if its open to outbound and there is an any any rule in place. Same for the LAN. I have seen numerous YouTube videos setting this up and Ive done exactly like they show but no outbound traffic.
All DHCP is configured and internal addresses are dished out fine. I get a WAN address and DNS IPs from the ISP.
What could be the issue?
-
Are you able to ping anything outside your LAN from the PFSense box?
Diagnostics > Ping, enter an IP like 8.8.8.8 (Google DNS)
You shouldn't have an ANY-ANY rule on the WAN, you may as well not have a firewall in place.
LAN should just have it's built-in LAN rule.
Do you have Snort installed as a package? Is it just on the LAN (like it should be)?
-
@Amodin cannot get any outbound traffic at all. Anything on the LAN that needs to see the internet cant either. I dont have snort enabled.
I tried the any any on the wan as a dirty rule to see if I could get traffic.
-
@craigygordon
Can you screenshot and paste your LAN rules here? Are you seeing anything in your logs? -
Please show us the screenshots of your firewall rules on your LAN and WAN.
One more thing I would test in this case is to put the pfSense box behind ISP router and set the pfSense WAN to DHCP and test internet connectivity from the pfSense LAN side, just to see the interfaces and firewall rules are working correctly.
-
What NICs do you have on there? This could be a hardware offloading issue. Make sure it's all disabled in Sys > Adv > Networking.
What's your WAN connection speed? That hardware may not pass it anyway. It won't pass 1G PPPoE, you'd need something about twice as powerful in single thread performance than that 10 yer old Atom.
Steve
-
I binned the current hardware and switched to something more powerful. It now all works perfectly. I think you were right it was a limitation on the CPU side.
-
A D2250 should work it would just be bandwidth limiting for PPPoE. But something like that will already be old, better to start with something newer anyway.
