Internet lost in PfSense but VPN or everythingelse work well?

mucip

Hi,
I've got very stange situation. PfSense is working. I can ping 8.8.8.8 from PfSense.
I can connect to VPN from outside of firewall but I can not connect internet from lan.
And I can not list available packages from web gui?

Very stange stiuation I guess...

Regards,
Mucip:)

viragomann

@mucip
Are you able to ping an IP from the LAN, e.g. 8.8.8.8?

If so check your DNS settings.

mucip

Dear @viragomann ,
First of all thank you.
I can ping to 8.8.8.8 from PfSense command line and even from pfsense gui ping menu.
But I cannot ping from LAN in the other machines?

DNS settings? Which menu please?

By the way I did not change any config on this pfsense for a long long time...

Regards,
Mucip:)

stephenw10

What about if you try to ping from the pfSense webgui but set the source IP as the LAN address?

mucip

Dear @stephenw10 ,
No problem like below;

But there is nothing below list:

Regards,
Mucip:)

stephenw10

But set the source to LAN so you're testing NAT:

mucip

@stephenw10,
It's OK I guess;

I changed to DNS settings to 8.8.8.8 and 8.8.4.4
Now I can ping from LAN computers too. But still can not see available packages from PfSense GUI?

Regards,
Mucip:)

Gertjan

@mucip

Also check your gateways :

like you, I have a OpenVPN server (listed as VPNS_VPN4) but that's not a gateway in my (and your) case. It could be one if it was a OpenVPN client, connected to some "VPN ISP".

mucip

Hi @Gertjan,
Mine config looks good I guess;

Regards,
Mucip:)

stephenw10

What pfSense version are you running?

Where did you set those DNS servers? In the client or in pfSense directly?

Gertjan

@mucip

192.168.1.1 on WAN ?
So you've changed the default pfSense LAN to something else like 192.168.0.1 /24

Not monitoring ? because ?

mucip

Hi @stephenw10,
I use 2.7.0.

I have modem in the office with DMZ to PfSense box.

Regards,
Mucip:)

Gertjan

@mucip

You like the 2.7.0 bugs better as the 2.7.2 bugs ?

mucip

@Gertjan ,
I check and it says I use latest version?

mucip

@Gertjan ,
Is this bug?

stephenw10

At the command line run: certctl rehash

Then re-check.

That's probably also the pkg issue you are seeing.

mucip

@stephenw10 ,

Now I can see below screen;

Gertjan

@mucip

Aha !!
You saw that ?
Fiirst :

then, after the 'patch' (I sometimes have this strange feeling that @stephenw10 is an AI Netgate bot that is here to drop this "run: certctl rehash" command (sorry, stephenw10, I couldn't resist))

and then

which opens the path to 2.7.2.

Be ware that 2.7.2 won't free you from all misery, as you're like us : upgrading is great, but more then often, don't forget to upgrade the admin also (that's where most of the issues resides).
It will include a new OpenSSL and a way more recent OpenVPN.
If you are using the OpenVPN server you have to upgrade your clients also.
Easy enough : https://openvpn.net/client/client-connect-vpn-for-windows/ or : your phone app store etc.
Export a new OpenVPN client profile.
Import it into your OpenVPN client, and you're good.

stephenw10

Yup. You should upgrade though!

mucip

Hi @Gertjan,
Finally. Yes. Thanks.
I will try to update today.

Regards,
Mucip:)