WAN Offline with 100% packet loss
-
Hello guys! I'm now dealing with a problem involving the WAN default connection. Ever since I created a failover rule for a Multi WAN network, both WANs were working fine, and now the default WAN is marked as offline, even though it's connected to pfSense.
I tried taking a look at the Multi WAN troubleshooting on pfSense docs and it didn't help me that much. Then I decided to delete all Gateway groups I've had, along with reconfiguring my LAN so no traces of Failover can be found, and still my WAN isn't online.
I also checked my NAT rules, but decided to delete them all to make sure. Still no WAN. I don't know what to do other than restore pfSense to factory defaults and start over. Does someone have any idea how to fix this without the need to basically reset the device?
Thanks in advance!
-
@zer0vini I am not sure I can follow what your problem is.
So, you have (or had) 2 WANs. WAN1 & WAN2. They are then configured in a fail-over group. And now your default WAN is down? And failover was working but now you are out because there is no more failover?
If that is the case, have you tried going to "Interface/(The failed WAN)" and just save the configuration? It would force a DHCP request from your pfSense to the Router, assuming your WAN is configured for DHCP.
And just a suggestion. If the problem is with your WAN, NAT, failover and everything else don't have any influence. Don't play with them. Especially if the failover was working before... This again, assumes that your WAN is showing down.
-
@fbrunken So, failover was working, until it wasn't. Now I decided to clean all traces of rules or gateway groups so I could figure out what's wrong. So now consider it as a pfSense with two independent WANs, but the default WAN doesn't work, even though there isn't any rule that can conflict with each other in order for the default WAN to go down for some reason.
Pinging WAN by console interface is working fine, but then again, it still is having 100% packet loss and shown as offline.
-
@zer0vini Do you have a monitor IP address on the failing WAN? If you have, for now, remove it. It will ping the operator's gateway instead. And if this works, you can try to use Google's DNS as a monitor IP. 8.8.8.8
-
@fbrunken I'll try that out, then. Thanks!
-
@zer0vini One more thing about a MULTI-WAN environment.
You have to be very careful what you use to monitor. Everything you associate with one WAN interface, you cannot try from the other interface. In case you configure DNS, you must associate them to an interface (See System/General Setup). So, for 2 interfaces, you should use 4 DNS for redundancy, 2 on each interface.
If you are going to use a monitor IP on the Gateway, make sure that it is not used on the other interface for anything! So, if you are going to use 8.8.8.8 as DNS for the failing WAN, you can also use it as a monitor IP on the same WAN but not on the other one. Yes, have a look at Diagnostics/Routes to make sure that they are properly routed. Think about this in a spreadsheet before configuring, to make sure that everything will be properly configured.
Sorry if you already knew that, but if you didn't, it is important.
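The planning check from the last post (no monitor IP or DNS server shared between WANs, two DNS servers per WAN) can be scripted instead of kept in a spreadsheet. This is an added example, not something posted in the thread; the `PLAN` layout, the interface names and the addresses other than 8.8.8.8 are constructed for illustration and are not read from pfSense.

```python
from collections import defaultdict
from ipaddress import ip_address

# Constructed sample plan (assumption, not from the thread): one monitor IP
# and a list of DNS servers per WAN, as you would note them before configuring.
PLAN = {
    "WAN1": {"monitor": "8.8.8.8", "dns": ["8.8.8.8", "1.1.1.1"]},
    "WAN2": {"monitor": "9.9.9.9", "dns": ["8.8.8.8", "149.112.112.112"]},
}

def pinned_addresses(plan):
    """Map each normalized IP to the set of (wan, role) pairs that use it."""
    uses = defaultdict(set)
    for wan, cfg in plan.items():
        if cfg.get("monitor"):
            uses[str(ip_address(cfg["monitor"]))].add((wan, "monitor"))
        for dns in cfg.get("dns", []):
            uses[str(ip_address(dns))].add((wan, "dns"))
    return uses

def find_conflicts(plan):
    """Return {ip: sorted uses} for every IP associated with more than one WAN."""
    conflicts = {}
    for ip, uses in pinned_addresses(plan).items():
        # Monitor + DNS on the same WAN is allowed; only cross-WAN reuse counts.
        if len({wan for wan, _ in uses}) > 1:
            conflicts[ip] = sorted(uses)
    return conflicts

def check_redundancy(plan, minimum=2):
    """List WANs with fewer than `minimum` distinct DNS servers."""
    return sorted(w for w, c in plan.items()
                  if len(set(c.get("dns", []))) < minimum)

if __name__ == "__main__":
    for ip, uses in find_conflicts(PLAN).items():
        print(f"CONFLICT {ip}: " + ", ".join(f"{w}/{r}" for w, r in uses))
    for wan in check_redundancy(PLAN):
        print(f"{wan}: fewer than 2 DNS servers")
```

With the sample plan it flags 8.8.8.8, which is used as monitor and DNS on WAN1 (allowed) but also as DNS on WAN2 (the cross-WAN reuse the post warns about).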