New Installation - No internet on LAN
-
@viragomann
Here is the ping from pfsense
ping from LAN
https://www.dropbox.com/scl/fi/s4h7572v0w17x2jm2nui1/pfsense-00002.png?rlkey=sgwuqrvixw06upe098yvbifur&dl=0ping from WAN
https://www.dropbox.com/scl/fi/ob8m17tu39ryf68tcumm3/pfsense-00003.png?rlkey=2j92owdn5746fxxjmrtsl2ot1&dl=0however ping from computer is not resolved
-
@musthafa
I saw these screens, but the question is if the computer can ping an IP directly with resolving the host name. -
musthafa@Musthafas-MacBook-Pro-2 ~ % ping 1.1.1.1 PING 1.1.1.1 (1.1.1.1): 56 data bytes 64 bytes from 1.1.1.1: icmp_seq=0 ttl=58 time=11.402 ms 64 bytes from 1.1.1.1: icmp_seq=1 ttl=58 time=13.829 ms 64 bytes from 1.1.1.1: icmp_seq=2 ttl=58 time=10.313 ms 64 bytes from 1.1.1.1: icmp_seq=3 ttl=58 time=10.094 ms 64 bytes from 1.1.1.1: icmp_seq=4 ttl=58 time=12.572 ms ^Z zsh: suspended ping 1.1.1.1 musthafa@Musthafas-MacBook-Pro-2 ~ % ping 8.8.8.8 PING 8.8.8.8 (8.8.8.8): 56 data bytes 64 bytes from 8.8.8.8: icmp_seq=0 ttl=58 time=14.137 ms 64 bytes from 8.8.8.8: icmp_seq=1 ttl=58 time=7.267 ms 64 bytes from 8.8.8.8: icmp_seq=2 ttl=58 time=17.667 ms 64 bytes from 8.8.8.8: icmp_seq=3 ttl=58 time=8.189 ms 64 bytes from 8.8.8.8: icmp_seq=4 ttl=58 time=10.764 ms 64 bytes from 8.8.8.8: icmp_seq=5 ttl=58 time=6.689 ms ^Z zsh: suspended ping 8.8.8.8 musthafa@Musthafas-MacBook-Pro-2 ~ % ping google.com ping: cannot resolve google.com: Unknown host musthafa@Musthafas-MacBook-Pro-2 ~ % -
@musthafa
So the internet works well, but it cannot resolve host names...Which DNS server does it use?
On the LAN you have to allow access to the interface IP, port 53 if pfSense is used. But by default there is an any-to-any rule on LAN, so nothing special needed.
-
DNS Server Settings
https://www.dropbox.com/scl/fi/7xvarr987ubqzeur89f7k/pfsense-00005.png?rlkey=s3th3nss444hpgfivi4490tcp&dl=0WAN firewall rules
https://www.dropbox.com/scl/fi/fe1xq2aej3fqnxsydr5ph/pfsense-00006.png?rlkey=ml9bllt3s6ew8nd1giqxr3pqh&dl=0LAN Firewall Rules
https://www.dropbox.com/scl/fi/jba2ocpnyb9wg37jzc3xg/pfsense-00007.png?rlkey=ulv0nrk1ewc4wef73cdcvxzqw&dl=0DNS Resolver Settings
https://www.dropbox.com/scl/fi/9i16phnhc2ebzojnzu6vg/pfsense-00009.png?rlkey=d344ruldsig55ct31s3xdgdbi&dl=0 -
@musthafa
The big question is still, which DNS server your computer is using.pfSense cannot do anything if the computer requests any other server.
-
-
@musthafa
So it should work actually, but the computer doesn't resolve.You can to go to the DNS Resolver > ACLs page and add an allow ACL for the LAN subnet.
This shouldn't be necessary though, but sometimes there went something wrong obviously. -
Have you tried to flush the dns cache on your laptop? Your system is not resolving properly. In dos run: Ipconfig /flushdns
Sometimes it holds on to records. Also have you set a rule to allow port 53 on your firewall ACL lists? Or nat ?
-
Your laptop looks to have two interfaces connected to pfSense. Is that Ethernet and WIFI? Try disabling WIFI if so.
-
@stephenw10 yeahhh or he can set to to allow use of both in the bios we had to do they for some equipment years ago, one would disable the other for some reason
-
-
@JonathanLee said in New Installation - No internet on LAN:
Sometimes it holds on to records. Also have you set a rule to allow port 53 on your firewall ACL lists? Or nat ?
No. I'm new to pfSense. please guide me on it
-
@stephenw10 said in New Installation - No internet on LAN:
Your laptop looks to have two interfaces connected to pfSense. Is that Ethernet and WIFI? Try disabling WIFI if so.
I'm using usb ethernet on MAC OS to connect to pfSense. Im disabling wifi while testing pfSense.
-
@musthafa said in New Installation - No internet on LAN:
192.168.2 link#27 UCS en12 !
192.168.2 link#15 UCSI en0Your routing table shows two interfaces in that subnet which is a conflict.
Have you tried testing fro some other device?
You shouldn't need to do anything the DNS setup by default. It will allow queries from the LAN subnet.
-
When I changed DNS manually to 1.1.1.1 internet is working on laptop. When DNS is default is set to LAN Gateway IP, 192.168.2.1, internet is not working
-
most of the time wifi was disabled. However even when wifi is on , priority is for usb ethernet in order.
the only other device I could use wired was my andorid phone using same usb ethernet dongle and had the same issue
-
@musthafa said in New Installation - No internet on LAN:
@viragomann
Tried ACL. No luck
https://www.dropbox.com/scl/fi/ov66xwsl6dyyb06w237kj/pfsense-00011.png?rlkey=ilwmw6gqnlolfdgscz5f8dxzv&dl=0Not sure if this matters here, but you should state a network address in the ACL. This was 192.168.2.0.
If there is still no success check the system and Resolver log for hints.
Is the Resolver even running? Check Status > Services. -
Yup try resolving something in Diag > DNS Lookup. Make sure all configured servers respond including localhost.
-
