Console Locked, No internet access on post restart.
-
When it's in the failed state, after rebooting with a locked console, what is actually failing?
-
@scottjh1 Steve, the webgui remains fully functional at all points regardless of the full console menu being displayed or not.
-
Ok but presumably the 'no internet access' implies you can't open an external website from a LAN side device.
Can can you ping 8.8.8.8? Can you ping it from pfSense in Diag > Ping? Can you resolve anything?
-
@stephenw10 Nothing resolves externally, while the all interfaces show as up with IP addresses. The wan will show a Fios 100.14.xx.xx DHCP applied address. Before clearing the lock if I go to the internet with a PC the home page is blank and will time out with the browser stating the page is not accessable. There is no resoltion to any external site. I can open the Pfsense admin page and fully access all of the settings. I have not tested ping/tracert from the firewall but it does not work from the PC going outbound.
-
@scottjh1 said in Console Locked, No internet access on post restart.:
The wan will show a Fios 100.14.xx.xx DHCP applied address.
That's a CGN IP address. Is that what it gets when it's working?
If it has a valid public IP it should route traffic. If it's not then it could be a missing default route. Missing NAT perhaps.
But first test it's not a DNS issue. Hard to see why it would be but it certainly could be.
-
@stephenw10 Yes, that is the IP it gets when working. Fios provises DHCL addresses with a two hour lease. However if the device remains on line it will get the same IP address until is is off line fro a period of time. Later today I will restart and review the firewall log to make sure I did not miss any entries.
-
Ok. Well we need to determine exactly what is failing when it boots with the console locked. It has to be something pretty basic like a missing default route or Unbound not running.
-
-
@scottjh1 I sent a copy of the logs in a previous post. The WAN IP is not included. There is nothing obvious in the logs showing whan is going on. I will likey try a to restore an eariler vesion of the config file (not current) in a effort to define if it is the install or config file.
-
@stephenw10 said in Console Locked, No internet access on post restart.:
That's a CGN IP address
For some clarification, he said 100.14 that is a Verizon business IP.. cgn IP is 100.64-127
-
@johnpoz Yes the IP is 100.14.211.xx, it is carrier grade NAT on FIOS. They changed it a number of years ago. I am located in the northeast near Philly.
-
Ha, well spotted. Failure on my part!
But anyway you need to boot to the failed condition then run tests to see what is actually broken. It's hard to imagine what a locked console would break there.
-
The condition is corrected, turns out several config files were apparently corrupted. Although a couple of rules were not contained in the working config file they are easy to add back. Thank you for your help! Jim
-
Strage thing happened, after all was working the same issue appeared. I again restored the same backup as I did eariler. When the restore started a popup appeared noting it was deleting a pfblocker cron job. Post boot no more issue..... very strange.
-
Here is the general log error: Oct 19 19:42:13 php-fpm 399 /pfblockerng/pfblockerng_update.php: Configuration Change: administrator (Local Database): Removed cron job for pfblockerng.php cron
Currently using pfblocket NG-devel 3.2.0_19. Maybe I should the standard version 3.2.0_8. At least the answer came, not sure of why, maybe the job was corrupt. -
Hmm, the current dev version should be fine. I'm running that here without issue.
