Defalt server but no ineternet on lan
-
Ok Im working on some what setting up pfsense befor my move and have static ip. But got the wan on dhcp and lan set up with static 192.168.1.1 and have the dhcp server running as defalt and I belive the dns forward as defalt but I run a ethernet direct to my computer I cant even pull up google.com with out snort or anything a fresh install what am I doing wrong. Hope some one can help or point me in the right direction thanks.
Sorry for the spelling and grammer.
-
You haven't provided anywhere near enough information to debug this. Start here:
https://doc.pfsense.org/index.php/Connectivity_Troubleshooting
-
Ok going throu it not I did not use a dns from setup so I did go back and put google dns. And that didnt work. So still going throu the list. My computer is showing its own ip diffrent than the pfsense. And subnet is 255.255.255.0
The default gate way ip is the same for the dhcp server and dns server.
Also it uses ipv6 but not sure how to use google public ipv6 dns.Pfsense its self has internet because it can download updates as well as pkgs but lan is a diffrent story.
-
Ok going throu it not I did not use a dns from setup ….
No need to do so.
pfSense uses a resolver that works completely autonomously.
As you already found out yourself, pfSense can resolve, for example : it finds its upgrades and packages.If you LAN has the IP "192.168.1.1 " (default, ok) what is the WAN IP ? What are the WAN interface settings ?
-
Here is what I get. Also it pulls ipv6. Should I not run that?
Also my wan is dhcp and all defalt I didnt change anything.
-
So your WAN has an "RFC 1918" (10/8, 172.16/12, 192.168/16) IP : 192.168.42.109 - it's behind another router, which is ok.
But : look at WAN interface settings (Menu Interfaces / WAN ) : is Block private networks and loopback addresses set ? (should not be set).
Please remove 8.8.8.8 and 8.8.4.4 : I understand that everybody want to give any information to FB. Also giving it to Google - all the site you visit - is "not really needed". When using the default Resolver, they aren't used anyway. Also : If you don't know what to fill in somewhere, don't fill in anything (this has been tested and works well).
-
I removed the google dns. And the block and the loopback was all ready unchecked its working like a charm so now Im going step by set by installing snort now. To male sure to keep track to keep things working. Tha ks for the help guys.
-
I lied back to the same thing even tried a rest of settings and doing like you said and still no google on lan. I even disabled the packet filter to see and still no internet.
Im ready to throw it out the window. Also wan is set for dhcp for now until i get a static ip. Any other ideas -
Test 1…. Go to diag, dns lookup... Can pfsense resolve something - say www.google.com
I would not suggest you install snort until you have the basics working, and I sure would not put it in blocking mode until you have trimmed down the rules.. IPS is great and all - but its sure and the hell is not something for the new user think they can just click it on without issues.
Test 2... if that works... then can your client resolve, is it even asking pfsense.. nslookup, dig are tools here.. But even a simple ping can show you if your client is actually resolving fqdn
C:>ping www.google.com
Pinging www.google.com [[b]172.217.8.196] with 32 bytes of data:
Reply from 172.217.8.196: bytes=32 time=37ms TTL=47
Reply from 172.217.8.196: bytes=32 time=31ms TTL=47
Reply from 172.217.8.196: bytes=32 time=33ms TTL=47Even if the ping doesn'ts answer does it resolve the name to an IP…
-
Well i know the firewall recives internet because I can download updates. And pkg but when you plug right in to the lan you get pfsense but nothing else. But will try the ping and see
-
The best tool there is for troubleshooting dns related problems is dig.. You can install and run it on windows just fine. it comes with BIND, just install the tools portion. Is it tool #1 that gets installed any windows box I have to use..
https://www.isc.org/downloads/
I would also validate that you you are getting the right info from dhcp -maybe their is rouge dhcp server, like your OLD router or or something. What is the output of ipconfig /all your windows box… I assume your using windows as client?
To be honest, click click - and you should have internet in like 2 minutes when setting up pfsense. It just works out of the box... If not then you need to troubleshoot connectivity...
But out of the gate it really is no different than your off the shelf soho router. Its dhcp on wan, it setups any any rule for your lan.. If internet is not working out of the gate then you you tweaked it broke ;) or your having maybe issues with your wan connection, or just plain connectivity from your box to the lan..
If your pfsense has internet connectivity - and its WAN is not stepping on your lan network... IE you don't have 192.168.1/24 on your wan of pfsense and 192.168.1/24 on your lan network do you?
-
ok I have it up and running even with a wireless router connected to the lan and a laptop plugged into the port and I am able to connect to the internet as well as login to the router and the pfsense. I guess was a bit too pushy because I wait about 10minuts or so and everything works great lol. Next task. Is Im going to config my cisco switch to go lan to switch and then a the wifi of the switch to were I can have my servers off the switch and not off the wifi router. thanks guys for the help.
-
Ok I have a question every thing works going to google and all and working with cloudlinux but I cant go to pfsense.org it will not load any anyway not to the main site or the forums is there a port or certific I should install or something. Thanks.