2 wan, no load balancing, problems…

rexster

i have 2 wan and i setup few rules like these:
http > gw wan1
https > gw wan1
pop3 > gw wan1
elses > gw wan2

it works ok, but only for a while.
after few minutes, sometimes an hour, the pfsense stop responding even to a ping.
the unit itself still running and from the menu i tell it to reboot.
then it works again for a while…. and so on...

using pfsense rc1 clean install, no packages, no traffic shapping, no load balancing.

tried on 3 totally different pc configuration. same result.

any way i can get this working?
any other rules/nat required to make it work?

tia
rex

hoba

I have a similiar but more complex setup at the office which is up for 10 days (since last upgrade). My setup runs loadbalancing, policybased routing,  some IPSECs, NAT Reflection, additional DMZ interface, Trafficshaping, … works without issues. Also my testsetup at home works fine. So I guess it must be some kind of configurationerror. Please provide more details how you have set things up.

rexster

here's all that i did after a clean install:

• enable snmp
• enable opt1 and set as dhcp to get ip from my modem router
• setup firewall rules so http, https and pop3 go through opt1

that's all it.

rgds,
rex

hoba

Well, in that case I have no clue. Anything special in the systemlogs or at the shell? What does ifconfig report at the shell when this situation appears? Can you still ping hosts at all interfaces from the pfSense itself?

rexster

no messages at shell.
how can i see system log from shell?

pfsense can ping to pc and to modem and internet.
but client pc cant ping to anywhere at all. cant even ping the pfsense.

simply remove all rules through wan2 will solve the problem.

rgds,
rex

here's the ifconfig:
(rl0 is lan, rl1 is wan, fxp0 is wan2)

rl0: flags=8843 <up,broadcast,running,simplex,multicast>mtu 1500
        options=8 <vlan_mtu>inet6 fe80::230:84ff:fe3f:908e%rl0 prefixlen 64 scopeid 0x1
        inet 192.168.18.18 netmask 0xffffff00 broadcast 192.168.18.255
        ether 00:30:84:3f:90:8e
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
fxp0: flags=8843 <up,broadcast,running,simplex,multicast>mtu 1500
        options=8 <vlan_mtu>inet6 fe80::202:a5ff:fe1d:9d4f%fxp0 prefixlen 64 scopeid 0x2
        inet 10.0.0.5 netmask 0xffffff00 broadcast 255.255.255.255
        ether 00:02:a5:1d:9d:4f
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
rl1: flags=8843 <up,broadcast,running,simplex,multicast>mtu 1500
        options=8 <vlan_mtu>inet6 fe80::230:84ff:fe2b:f5a3%rl1 prefixlen 64 scopeid 0x3
        inet 192.168.1.3 netmask 0xffffff00 broadcast 192.168.1.255
        ether 00:30:84:2b:f5:a3
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
pfsync0: flags=41 <up,running>mtu 2020
        pfsync: syncdev: lo0 maxupd: 128
lo0: flags=8049 <up,loopback,running,multicast>mtu 16384
        inet 127.0.0.1 netmask 0xff000000
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5</up,loopback,running,multicast></up,running></full-duplex></vlan_mtu></up,broadcast,running,simplex,multicast></full-duplex></vlan_mtu></up,broadcast,running,simplex,multicast></full-duplex></vlan_mtu></up,broadcast,running,simplex,multicast>

hoba

Is your DHCP WAN2 gateway static? I just wonder if the gateway changes and doesn't get renewed in the rules or something like that. At home I have a simulated setup with DHCP at WAN and OPT-WAN which works nicely with loadbalancing as long as the gateway IP stays static.

rexster

the gateway ip is static.
and pfsense always got the same ip from modem router.

even i try manually set a static ip, the problem persist.

rgds,
rex