Always Wan-ip but gateway is 100% packet loss
-
What is that last rule on the WAN for ? That doesn't look like a stock rule ;-) Why is it there? Something you added? what is the expectation with that rule?
sometimes I have Internet connection via Pfsense (can ping, dns lookup etc via pfsense) and sometimes I do not.
so your client systems connected to the netgate are able to browse the internet? Seems unlikely,
-
@jrey said in Always Wan-ip but gateway is 100% packet loss:
What is that last rule on the WAN for ? That doesn't look like a stock rule ;-) Why is it there? Something you added? what is the expectation with that rule?
Last rule was just something a friend told me to add but it didnt do anything....
so your client systems connected to the netgate are able to browse the internet? Seems unlikely,
Well that is why Im seeking help. Im lost!
Yes I can sometimes when the gateway isnt 100% packet loss I can browse the internet etc until a reboot or disconnect the wan networkcabel then its 100% packet loss and then I have to reboot. But a reboot only works sometimes to correct the issue. Wouldnt say if it wasnt so! =) -
@AcidSleeper said in Always Wan-ip but gateway is 100% packet loss:
just out of curiosity what version of pfSense are you running?
but it didnt do anything
the rule, take it out.
--
so I have a media converter for incomming fiber where I plugin my networkcabel in port 1 to get Internet.
what exactly is this device?
--
I setup this test on a completely internal system, maybe you can map the IP addresses as a comparison to your setup
my DHCP assigned (is displayed in reverse order, but the results seem similar, except of course for the IP addresses)
the setup
and then only the two options at the bottom of the same screen checked,
Block private networks and Block logon networks ( both checked)The gateway is like this
for the monitor IP, in this sample I just picked another address in the external subnet 192.168.0. (ie I am simulating another pingable address as if I am my own ISP) (8.8.8.8) works equally well here as this test system has full access to the internet even though it is behind another pfSense box.
Dashboard looks like this
or if I change the monitor IP to something else outside, like 8.8.8.8 it look like this
There is really not a lot to configure. My WAN in this test was assigned 192.168.0.83 the gateway was assigned 192.168.0.1
the internal network on this test system is 10.168.1/24Trace Hop 1 the gateway as assigned by DHCP, hop 2 the second pf box (gateway/ISP, hop 3 the ISP
and from a client machine 10.168.1.5 on the the test network
-
Sorry for the late respons. A huge man-cold and me in bed for a couple of days.
@jrey said in Always Wan-ip but gateway is 100% packet loss:
just out of curiosity what version of pfSense are you running?
PfSense 2.7.1
the rule, take it out.
Removed the rule on wan.
what exactly is this device?
It is an Inteno XG6846. Its a mediaconverter for internet / telephone / TV.
And yes I am using the right port on it! =)
Been using it since 2009 and it work with a computer directly connected to it and also work with and asus router connected to it.
Correct? Have been using this all the time.Gateway:
Sorry but still the same: 100% packet loss.
WAN-rules: removed the rules you said.
Still the same. No connection.
-
DHCP-log
Dec 1 12:18:23 dpinger 87081 send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% alarm_hold 10000ms dest_addr 192.121.XXX.1 bind_addr 192.121.XXX.95 identifier "WAN_DHCP " Dec 1 12:18:24 dpinger 87081 exiting on signal 15 Dec 1 12:18:24 dpinger 30076 send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% alarm_hold 10000ms dest_addr 192.121.XXX.1 bind_addr 192.121.XXX.95 identifier "WAN_DHCP " Dec 1 12:20:34 dpinger 30076 WAN_DHCP 192.121.XXX.1: sendto error: 65 Dec 1 12:20:35 dpinger 30076 WAN_DHCP 192.121.XXX.1: sendto error: 65 Dec 1 12:20:36 dpinger 30076 exiting on signal 15 Dec 1 13:20:36 dpinger 48663 send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% alarm_hold 10000ms dest_addr 192.121.XXX.1 bind_addr 192.121.XXX.95 identifier "WAN_DHCP " Dec 1 13:20:38 dpinger 48663 WAN_DHCP 192.121.XXX.1: Alarm latency 0us stddev 0us loss 100% Dec 1 13:20:43 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:43 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:44 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:44 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:45 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:45 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:46 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:46 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:47 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:47 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:48 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:48 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:49 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:49 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:50 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:50 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:51 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:52 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:52 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:53 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:53 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:54 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:54 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:55 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:55 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:56 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:56 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:57 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:57 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:58 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:58 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:59 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:59 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:00 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:01 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:01 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:02 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:02 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:03 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:03 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:04 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:04 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:05 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:05 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:06 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:06 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:07 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:07 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:08 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:08 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:09 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:09 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:10 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:11 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:11 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:12 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:12 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:13 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:13 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:14 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:14 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:15 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:15 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:16 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:16 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:17 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:17 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:18 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:18 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:19 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:19 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:20 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:20 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:21 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:22 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:22 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:23 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:23 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 65 Dec 1 13:21:24 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 65 Dec 1 13:21:24 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 65 Dec 1 13:21:25 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 65 Dec 1 13:21:25 dpinger 48663 exiting on signal 15 Dec 1 13:21:26 dpinger 71796 send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% alarm_hold 10000ms dest_addr 192.121.XXX.1 bind_addr 192.121.XXX.95 identifier "WAN_DHCP " Dec 1 13:21:27 dpinger 71796 exiting on signal 15 Dec 1 13:21:27 dpinger 77839 send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% alarm_hold 10000ms dest_addr 192.121.XXX.1 bind_addr 192.121.XXX.95 identifier "WAN_DHCP " Dec 1 13:21:29 dpinger 77839 WAN_DHCP 192.121.XXX.1: Alarm latency 0us stddev 0us loss 100% Dec 1 13:21:54 dpinger 77839 exiting on signal 15 Dec 1 13:21:54 dpinger 99011 send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% alarm_hold 10000ms dest_addr 192.121.XXX.1 bind_addr 192.121.XXX.95 identifier "WAN_DHCP " Dec 1 13:21:56 dpinger 99011 WAN_DHCP 192.121.XXX.1: Alarm latency 0us stddev 0us loss 100% Dec 1 13:22:12 dpinger 99011 exiting on signal 15 Dec 1 13:22:12 dpinger 12629 send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% alarm_hold 10000ms dest_addr 8.8.8.8 bind_addr 192.121.XXX.95 identifier "WAN_DHCP " Dec 1 13:22:14 dpinger 12629 WAN_DHCP 8.8.8.8: Alarm latency 0us stddev 0us loss 100% Dec 1 13:30:59 dpinger 80083 send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% alarm_hold 10000ms dest_addr 8.8.8.8 bind_addr 192.121.XXX.95 identifier "WAN_DHCP " Dec 1 13:30:59 dpinger 80083 exiting on signal 15 Dec 1 13:30:59 dpinger 11554 send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% alarm_hold 10000ms dest_addr 8.8.8.8 bind_addr 192.121.XXX.95 identifier "WAN_DHCP " Dec 1 13:31:02 dpinger 11554 WAN_DHCP 8.8.8.8: Alarm latency 7373us stddev 0us loss 66% Dec 1 13:51:40 dpinger 84006 send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% alarm_hold 10000ms dest_addr 8.8.8.8 bind_addr 192.121.XXX.95 identifier "WAN_DHCP " Dec 1 13:51:40 dpinger 84006 exiting on signal 15 Dec 1 13:51:40 dpinger 5873 send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% alarm_hold 10000ms dest_addr 8.8.8.8 bind_addr 192.121.XXX.95 identifier "WAN_DHCP " Dec 1 13:51:42 dpinger 5873 WAN_DHCP 8.8.8.8: Alarm latency 0us stddev 0us loss 100% Dec 1 14:18:08 dpinger 5873 exiting on signal 15 Dec 1 14:18:08 dpinger 54143 send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% alarm_hold 10000ms dest_addr 8.8.8.8 bind_addr 192.121.XXX.95 identifier "WAN_DHCP " Dec 1 14:18:10 dpinger 54143 WAN_DHCP 8.8.8.8: Alarm latency 0us stddev 0us loss 100% -
This is my Firewall log:
Dec 1 12:18:26 WAN Default deny rule IPv4 (1000000103) 46.101.127.0:53 192.121.XXX.95:53 UDP Dec 1 12:18:35 WAN Default deny rule IPv4 (1000000103) 104.244.73.202:4445 192.121.XXX.95:135 TCP:S Dec 1 12:18:47 WAN Default deny rule IPv4 (1000000103) 77.90.185.66:51273 192.121.XXX.95:14288 TCP:S Dec 1 12:18:50 WAN Default deny rule IPv4 (1000000103) 162.142.125.242:62339 192.121.XXX.95:13757 TCP:S Dec 1 12:18:50 LAN Default deny rule IPv6 (1000000105) [fe80::e438:73b2:3382:dba9]:50569 [fec0:0:0:ffff::3]:53 UDP Dec 1 12:18:51 LAN Default deny rule IPv6 (1000000105) [fe80::e438:73b2:3382:dba9]:50569 [fec0:0:0:ffff::2]:53 UDP Dec 1 12:18:53 LAN Default deny rule IPv6 (1000000105) [fe80::e438:73b2:3382:dba9]:50569 [fec0:0:0:ffff::1]:53 UDP Dec 1 12:18:54 WAN Default deny rule IPv4 (1000000103) 64.62.197.118:55511 192.121.XXX.95:89 TCP:S Dec 1 12:18:54 WAN Default deny rule IPv4 (1000000103) 162.216.150.237:50840 192.121.XXX.95:36168 TCP:S Dec 1 12:19:03 WAN Default deny rule IPv4 (1000000103) 80.94.95.225:59510 192.121.XXX.95:37505 TCP:S Dec 1 12:19:35 WAN Default deny rule IPv4 (1000000103) 36.11.36.100:41852 192.121.XXX.95:60023 TCP:S Dec 1 12:19:41 WAN Default deny rule IPv4 (1000000103) 77.90.185.182:54815 192.121.XXX.95:38631 TCP:S Dec 1 12:19:43 WAN Default deny rule IPv4 (1000000103) 185.200.118.46:37660 192.121.XXX.95:443 UDP Dec 1 12:19:43 WAN (12006) 10.255.13.195 224.0.0.1 IGMP Dec 1 12:19:53 WAN Default deny rule IPv4 (1000000103) 162.216.150.225:55884 192.121.XXX.95:5384 TCP:S Dec 1 12:19:58 WAN Default deny rule IPv4 (1000000103) 162.216.150.52:52792 192.121.XXX.95:31852 TCP:S Dec 1 12:19:59 WAN Default deny rule IPv4 (1000000103) 162.216.150.115:53927 192.121.XXX.95:48759 TCP:S Dec 1 12:20:21 WAN Default deny rule IPv4 (1000000103) 210.245.120.108:54801 192.121.XXX.95:59739 TCP:S Dec 1 12:20:29 WAN Default deny rule IPv4 (1000000103) 162.142.125.246:2059 192.121.XXX.95:2022 TCP:S Dec 1 12:20:30 WAN Default deny rule IPv4 (1000000103) 167.94.138.149:23612 192.121.XXX.95:38183 TCP:S Dec 1 13:32:14 WAN (12006) 10.255.13.195 224.0.0.1 IGMP Dec 1 13:34:19 WAN Block private networks from WAN block 10/8 (12001) 10.255.13.195 224.0.0.1 IGMP Dec 1 13:44:44 WAN Block private networks from WAN block 10/8 (12001) 10.255.13.195 224.0.0.1 IGMP Dec 1 13:46:49 WAN Block private networks from WAN block 10/8 (12001) 10.255.13.195 224.0.0.1 IGMP Dec 1 13:48:54 WAN Block private networks from WAN block 10/8 (12001) 10.255.13.195 224.0.0.1 IGMP Dec 1 13:53:04 WAN (12006) 10.255.13.195 224.0.0.1 IGMP Dec 1 13:55:09 WAN Block private networks from WAN block 10/8 (12001) 10.255.13.195 224.0.0.1 IGMP Dec 1 13:57:14 WAN Block private networks from WAN block 10/8 (12001) 10.255.13.195 224.0.0.1 IGMP Dec 1 13:59:19 WAN Block private networks from WAN block 10/8 (12001) 10.255.13.195 224.0.0.1 IGMP Dec 1 14:01:25 WAN Block private networks from WAN block 10/8 (12001) 10.255.13.195 224.0.0.1 IGMP Dec 1 14:03:30 WAN Block private networks from WAN block 10/8 (12001) 10.255.13.195 224.0.0.1 IGMP Dec 1 14:05:34 WAN Block private networks from WAN block 10/8 (12001) 10.255.13.195 224.0.0.1 IGMP Dec 1 14:07:39 WAN Block private networks from WAN block 10/8 (12001) 10.255.13.195 224.0.0.1 IGMP Dec 1 14:09:44 WAN Block private networks from WAN block 10/8 (12001) 10.255.13.195 224.0.0.1 IGMP Dec 1 14:22:14 WAN Block private networks from WAN block 10/8 (12001) 10.255.13.195 224.0.0.1 IGMP Dec 1 14:30:34 WAN Block private networks from WAN block 10/8 (12001) 10.255.13.195 224.0.0.1 IGMP -
@AcidSleeper said in Always Wan-ip but gateway is 100% packet loss:
and it work with a computer directly connected to it and also work with and asus router connected to it.
so when either of these devices are connected to it, what IP's are they assigned?
the ISP is giving you a DHCP address (right?) (Random or Static?), but the result of the setting are apparently different when pfSense is assigned vs. what the computer or Asus.
Compare them?(are they requiring a specific MAC address?)
Does the ISP also provide you IPV6 ? that shows as pending in your screen shot above.
if they do not provide IPv6 (might not be a bad, test anyway)
also clients going through the netgate are able browse internet?
Diagnostics -> Routes
The ISP assigned IP and gateway listed?
generally does it show all the IP addresses you expect ? -
@jrey said in Always Wan-ip but gateway is 100% packet loss:
so when either of these devices are connected to it, what IP's are they assigned?
My computer and Asus router are assigned diffrent ip-adresses.
the ISP is giving you a DHCP address (right?) (Random or Static?), but the result of the setting are apparently different when pfSense is assigned vs. what the computer or Asus.
Compare them?Yes, DHCP and Random. Cant find any differences. I have assigned another dns-server in ASUS-router like I do here in pfsense. other then that I dont know.
(are they requiring a specific MAC address?)
No.
Does the ISP also provide you IPV6 ? that shows as pending in your screen shot above.
if they do not provide IPv6 (might not be a bad, test anyway)They dont and I have that removed in the last screenshot.
also clients going through the netgate are able browse internet?
Think you misunderstood me here. I cant access the internet when gateway is 100% packet loss. It is when gateway is Online I can surf etc.
-
Diagnostics -> Routes
The ISP assigned IP and gateway listed?
generally does it show all the IP addresses you expect ?
-
Here I did a Status - Interfaces: Release Wan and the checkbox with Relinquish Lease Checked.
Then I in Command Promt I wrote: "ifconfig igc0 down" waited lets say 20seconds and then typed "ifconfig igc0 up"I had internet, gateway was online. But when I rebooted the result was 100% packet loss.
Dec 1 14:42:21 php-fpm 399 /status_interfaces.php: The command '/usr/local/sbin/dhclient {$ipv} -d -r -lf '/var/db/dhclient.leases.igc0' -cf '/var/etc/dhclient_wan.conf' -sf '/usr/local/sbin/pfSense-dhclient-script'' returned exit code '1', the output was 'Internet Systems Consortium DHCP Client 4.4.3-P1 Copyright 2004-2022 Internet Systems Consortium. All rights reserved. For info, please visit https://www.isc.org/software/dhcp/ /var/db/dhclient.leases.igc0 line 4: expecting lease declaration. next-server ^ /var/db/dhclient.leases.igc0 line 5: expecting semicolon. option ^ /var/db/dhclient.leases.igc0 line 18: expecting lease declaration. next-server ^ /var/db/dhclient.leases.igc0 line 19: expecting semicolon. option ^ Listening on BPF/igc0/60:be:b4:02:e3:42 Sending on BPF/igc0/60:be:b4:02:e3:42 Can't attach interface {} to bpf device /dev/bpf0: Device not configured If you think you have received this message due to a bug rather than a configuration issue please read the section on submitting bugs on either our web page at www.isc.org or in the README file before submitting a bug. These pages explain the proper process and the information we find helpful for debugging. exiting.' Dec 1 14:42:24 php-fpm 399 /status_interfaces.php: Resyncing OpenVPN instances for interface WAN. Dec 1 14:42:24 check_reload_status 439 Reloading filter Dec 1 14:42:24 php-fpm 399 /status_interfaces.php: Gateway, none 'available' for inet, use the first one configured. 'WAN_DHCP' Dec 1 14:42:24 php-fpm 399 /status_interfaces.php: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.*PROTO.*>'' returned exit code '1', the output was '' Dec 1 14:42:24 check_reload_status 439 Starting packages Dec 1 14:42:25 php-fpm 43555 /rc.start_packages: Restarting/Starting all packages. Dec 1 14:43:43 kernel igc0: link state changed to DOWN Dec 1 14:43:43 check_reload_status 439 Linkup starting igc0 Dec 1 14:43:44 php-fpm 43555 /rc.linkup: Hotplug event detected for WAN(wan) dynamic IP address (4: dhcp) Dec 1 14:43:44 php-fpm 43555 /rc.linkup: DEVD Ethernet detached event for wan Dec 1 14:43:44 check_reload_status 439 Reloading filter Dec 1 14:43:44 rc.gateway_alarm 6428 >>> Gateway alarm: WAN_DHCP (Addr:192.121.XXX.1 Alarm:down RTT:0ms RTTsd:0ms Loss:100%) Dec 1 14:43:44 check_reload_status 439 updating dyndns WAN_DHCP Dec 1 14:43:44 check_reload_status 439 Restarting IPsec tunnels Dec 1 14:43:44 check_reload_status 439 Restarting OpenVPN tunnels/interfaces Dec 1 14:43:44 check_reload_status 439 Reloading filter Dec 1 14:43:45 php-fpm 400 /rc.openvpn: Gateway, none 'available' for inet, use the first one configured. 'WAN_DHCP' Dec 1 14:43:45 php-fpm 400 /rc.openvpn: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.*PROTO.*>'' returned exit code '1', the output was '' Dec 1 14:43:47 check_reload_status 439 Linkup starting igc0 Dec 1 14:43:47 kernel igc0: link state changed to UP Dec 1 14:43:48 php-fpm 400 /rc.linkup: Hotplug event detected for WAN(wan) dynamic IP address (4: dhcp) Dec 1 14:43:48 php-fpm 400 /rc.linkup: DEVD Ethernet attached event for wan Dec 1 14:43:48 php-fpm 400 /rc.linkup: HOTPLUG: Configuring interface wan Dec 1 14:43:48 check_reload_status 439 rc.newwanip starting igc0 Dec 1 14:43:48 php-fpm 400 /rc.linkup: Gateway, none 'available' for inet, use the first one configured. 'WAN_DHCP' Dec 1 14:43:48 php-fpm 400 /rc.linkup: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.*PROTO.*>'' returned exit code '1', the output was '' Dec 1 14:43:48 check_reload_status 439 Restarting IPsec tunnels Dec 1 14:43:48 check_reload_status 439 updating dyndns wan Dec 1 14:43:48 check_reload_status 439 Reloading filter Dec 1 14:43:49 php-fpm 399 /rc.newwanip: rc.newwanip: Info: starting on igc0. Dec 1 14:43:49 php-fpm 399 /rc.newwanip: rc.newwanip: on (IP address: 192.121.XXX.95) (interface: WAN[wan]) (real interface: igc0). Dec 1 14:43:50 php-fpm 399 /rc.newwanip: Removing static route for monitor 8.8.8.8 and adding a new route through 192.121.XXX.1 Dec 1 14:43:50 php-fpm 399 /rc.newwanip: Gateway, NONE AVAILABLE Dec 1 14:43:50 php-fpm 399 /rc.newwanip: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.*PROTO.*>'' returned exit code '1', the output was '' Dec 1 14:43:50 php-fpm 399 /rc.newwanip: IP Address has changed, killing states on former IP Address 0.0.0.0. Dec 1 14:43:50 php-fpm 399 /rc.newwanip: Resyncing OpenVPN instances for interface WAN. Dec 1 14:43:50 php-fpm 399 /rc.newwanip: Creating rrd update script Dec 1 14:43:52 php-fpm 399 /rc.newwanip: pfSense package system has detected an IP change or dynamic WAN reconnection - 0.0.0.0 -> 192.121.XXX.95 - Restarting packages. Dec 1 14:43:52 check_reload_status 439 Starting packages Dec 1 14:43:52 check_reload_status 439 Reloading filter Dec 1 14:43:54 php-fpm 400 /rc.start_packages: Restarting/Starting all packages. Dec 1 14:44:48 php-fpm 43555 /diag_reboot.php: Stopping all packages. Dec 1 14:44:51 reboot 10265 rebooted by root Dec 1 14:44:51 syslogd exiting on signal 15 Dec 1 14:45:34 syslogd kernel boot file is /boot/kernel/kernel Dec 1 14:45:34 kernel ---<<BOOT>>--- Dec 1 14:45:34 kernel igc0: <Intel(R) Ethernet Controller I225-V> mem 0x50a00000-0x50afffff,0x50b00000-0x50b03fff at device 0.0 on pci2 Dec 1 14:45:34 kernel igc0: Using 1024 TX descriptors and 1024 RX descriptors Dec 1 14:45:34 kernel igc0: Using 2 RX queues 2 TX queues Dec 1 14:45:34 kernel igc0: Using MSI-X interrupts with 3 vectors Dec 1 14:45:34 kernel igc0: Ethernet address: 60:be:b4:02:e3:42 Dec 1 14:45:34 kernel igc0: netmap queues/slots: TX 2/1024, RX 2/1024 Dec 1 14:45:34 kernel igc1: <Intel(R) Ethernet Controller I225-V> mem 0x50800000-0x508fffff,0x50900000-0x50903fff at device 0.0 on pci3 Dec 1 14:45:34 kernel igc1: Using 1024 TX descriptors and 1024 RX descriptors Dec 1 14:45:34 kernel igc1: Using 2 RX queues 2 TX queues Dec 1 14:45:34 kernel igc1: Using MSI-X interrupts with 3 vectors Dec 1 14:45:34 kernel igc1: Ethernet address: 60:be:b4:02:e3:43 Dec 1 14:45:34 kernel igc1: netmap queues/slots: TX 2/1024, RX 2/1024 Dec 1 14:45:34 kernel igc2: <Intel(R) Ethernet Controller I225-V> mem 0x50600000-0x506fffff,0x50700000-0x50703fff at device 0.0 on pci4 Dec 1 14:45:34 kernel igc2: Using 1024 TX descriptors and 1024 RX descriptors Dec 1 14:45:34 kernel igc2: Using 2 RX queues 2 TX queues Dec 1 14:45:34 kernel igc2: Using MSI-X interrupts with 3 vectors Dec 1 14:45:34 kernel igc2: Ethernet address: 60:be:b4:02:e3:44 Dec 1 14:45:34 kernel igc2: netmap queues/slots: TX 2/1024, RX 2/1024 Dec 1 14:45:34 kernel igc3: <Intel(R) Ethernet Controller I225-V> mem 0x50400000-0x504fffff,0x50500000-0x50503fff at device 0.0 on pci5 Dec 1 14:45:34 kernel igc3: Using 1024 TX descriptors and 1024 RX descriptors Dec 1 14:45:34 kernel igc3: Using 2 RX queues 2 TX queues Dec 1 14:45:34 kernel igc3: Using MSI-X interrupts with 3 vectors Dec 1 14:45:34 kernel igc3: Ethernet address: 60:be:b4:02:e3:45 Dec 1 14:45:34 kernel igc3: netmap queues/slots: TX 2/1024, RX 2/1024 Dec 1 14:45:34 kernel lo0: link state changed to UP Dec 1 14:45:38 check_reload_status 439 Linkup starting igc0 Dec 1 14:45:38 kernel igc0: link state changed to UP Dec 1 14:45:38 check_reload_status 439 rc.newwanip starting igc0 Dec 1 14:45:38 php-cgi 474 rc.bootup: Resyncing OpenVPN instances. Dec 1 14:45:39 kernel pflog0: promiscuous mode enabled Dec 1 14:45:39 php-cgi 474 rc.bootup: Removing static route for monitor 8.8.8.8 and adding a new route through 192.121.XXX.1 Dec 1 14:45:39 kernel .done. Dec 1 14:45:39 kernel done. Dec 1 14:45:39 php-cgi 474 rc.bootup: Gateway, NONE AVAILABLE Dec 1 14:45:39 php-cgi 474 rc.bootup: Default gateway setting Interface WAN_DHCP Gateway as default. Dec 1 14:45:39 php-cgi 474 rc.bootup: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.*PROTO.*>'' returned exit code '1', the output was '' Dec 1 14:45:39 php-fpm 399 /rc.newwanip: rc.newwanip: Info: starting on igc0. Dec 1 14:45:39 kernel done. Dec 1 14:45:39 php-fpm 399 /rc.newwanip: rc.newwanip: on (IP address: 192.121.XXX.95) (interface: WAN[wan]) (real interface: igc0). Dec 1 14:45:39 php-fpm 399 /rc.newwanip: Removing static route for monitor 8.8.8.8 and adding a new route through 192.121.XXX.1 Dec 1 14:45:39 php-cgi 474 rc.bootup: sync unbound done. Dec 1 14:45:39 kernel done. Dec 1 14:45:39 kernel done. Dec 1 14:45:42 rc.gateway_alarm 86534 >>> Gateway alarm: WAN_DHCP (Addr:8.8.8.8 Alarm:1 RTT:7.380ms RTTsd:0ms Loss:50%) Dec 1 14:45:42 check_reload_status 439 updating dyndns WAN_DHCP Dec 1 14:45:42 check_reload_status 439 Restarting IPsec tunnels Dec 1 14:45:42 check_reload_status 439 Restarting OpenVPN tunnels/interfaces Dec 1 14:45:42 check_reload_status 439 Reloading filter Dec 1 14:45:43 check_reload_status 439 Linkup starting igc1 Dec 1 14:45:43 kernel igc1: link state changed to UP Dec 1 14:45:44 php-fpm 400 /rc.linkup: Ignoring link event during boot sequence. Dec 1 14:46:10 php-cgi 474 rc.bootup: NTPD is starting up. Dec 1 14:46:10 kernel done. Dec 1 14:46:11 kernel done. Dec 1 14:46:11 check_reload_status 439 Updating all dyndns Dec 1 14:46:11 php-cgi 474 rc.bootup: The command '/usr/local/sbin/strongswanrc stop' returned exit code '1', the output was 'strongswan not running? (check /var/run/daemon-charon.pid).' Dec 1 14:46:11 kernel .done. Dec 1 14:46:17 php-fpm 400 /rc.start_packages: Restarting/Starting all packages. Dec 1 14:46:17 root 96391 Bootup complete -
The answer has to be right there, but I'm not spotting it.
Reviewing everything you have provided, and just noticed another rule, that is not out of box on the LAN tab. for the IPv4 you have * (any) for source, out of box this would be "LAN subnets" like the IPv6 rule below it. Should not make a difference (but I didn't test it) so more just an observation at this point.
as it sits right now, your WAN IP is 192.121.xx.95 and the gateway should be 192.121.x.1
from the Diagnostics / Ping page can you ping both of those and get a response?
-
@jrey I change the rule as you requested.
I will try and ping theese ip tomorrow. The whole family is using the Internet as the Asus-router is plugged in the Wan-port of the mediaconverter right now.
I will return tomorrow! Thanks for all the troubleshooting so far!
-
Of course - no problem.
What other packages if any do you have installed and running?
After a reboot any services showing as not running?
-
My test machine is a virtual, so I can virtually mess with it.
so the system is currently running and an I disconnect the WAN Cable.
Note the system does not say OffLine -- the gateway just goes Pending and Unknown -what I'd expect ..
The interface is autoselect. (should be)
virtually plug it back in and it instantly negotiates the connection.
are you using the same cable when going from
mc <-> asus
as you do when going from
mc <-> pf
if it is the same cable that's fine, but if different (and even if not) are you getting the same negotiated speed/duplex on both devices (asus and pf)
do you need to restart the MC (or should you?) or just swapping the cable?curiosity questions
-
First answear your questions:
-
its the same cabel and Im getting 1000baseT from Wan. My laptop is old so it only got 100baseTX. I also have changed tha cabel from Cat5, Cat5e and Cat6 and different lengths.
-
When I remove the cabel the gateway goes to Pending and Unknown. Like yours.
-
I got no installed packages except Watchdog.
My morning work:
I couldnt sleep so at 06:00 I had an idea.What if the mediaconverter (Inteno) cant handle more than a couple of mac-adresses, and its locked at my Asus and my computer that has been connected recently to the mediaconverter before my pfsense-box.
Cant hurt to try: So I connected my computer, got an IP and with commandpromt I wrote "ipconfig /release". No ip and removed the Wan-cabel from my computer.
Started up my pfsense without wan-cabel and had it running when I put the wan-cabel in the pfsense-box. Voila! Gateway Online.
But have to try a reboot. No problems there.
But have to try and removed the wan-cabel and place it back in. No problems here either.Is it this that have been the problem the whole time. Some kind of macadress-lock? What do you think?
BUT I called to soon, there is still some problem. Had 4hours to play around. I remove the cabel and then I dont get gateway online again when I place it back in. I do it again and Gateway says Online.
But I cant browse the internet.
From pfsense I can ping and do traceroutes from ip-adresses and www-adresses. But if I try to browse the internet it wont work. I reboot, gateway Online but no internet. Remove the cabel again and plug in back in. Gateway is Online but no Internet. Can ping etc. DO a reboot again, no change except gateway offline. Another reboot and gateway online and I can browse the Internet.Something is very strange.
-
-
@jrey forgot to reply to you in my above post.
When I reboot without Wan-cable in the pfsense it boots up without running the dpinger in services, it is "stopped".
So when I plug in my wan-cable everything works. Is dpinger the fault?
-
2 items, MAC and Watchdog. (try watchdog change first)
MAC
so then (are they requiring a specific MAC address?)rephrase that to be ia the MediaConverter requiring a specific MAC.
just so there is no confusion about which device possibly requiring it.of course you can just tell pfSense to use the same MAC as the asus. if you want.
record the MAC addy the asus is using to connect to the MC.
enter that on the WAN screen. (sorry screen capture is from my production so forget that it says Static IP, (leave yours at DHCP)
Watchdog. "Service_Watchdog"? it will conflict with dpinger that monitors the connection. if that is the only package/service you have installed just remove WD. I have a few packages/Services running on Prod, and have never found the need to run WD, so not even installed here.
-
WatchDog removed and rebooted twice. No change.
I have tried the Mac-spoofing before. Didnt make a change either. Tried it again. Rebooted. Nope.
-
@AcidSleeper said in Always Wan-ip but gateway is 100% packet loss:
rebooted twice.
rebooted what? possible both devices need a power cycle.
MC first, give it time to start up, then pfSense
from your "can't sleep" post above it appears it was working? (or am I in need of more coffee and reading that wrong)
then let's look at a current set of logs from that sequence.
what's the make/model of the network card in the pfSense box?
-
@jrey said in Always Wan-ip but gateway is 100% packet loss:
rebooted what? possible both devices need a power cycle.
MC first, give it time to start up, then pfSense
Done that. Still no change.
from your "can't sleep" post above it appears it was working? (or am I in need of more coffee and reading that wrong)
Yes it was working and have been working but a reboot can make it go away any second.
then let's look at a current set of logs from that sequence.
To bad the logs from that time is long gone. Only 500 rows in log. =/
what's the make/model of the network card in the pfSense box?
Its 4x Intel i225-V 2.5Gbs
