LAN and WAN2(opt1) work - WAN does not.

hdokes

Greetings all…

Ok... here's what we have.  I have successfully set up my first pfSense box (many thanks to those who helped through here) and have now been taking it to the next step of dual wan ability.

My issue here is I have communications through the LAN port and the WAN2(opt1) ports but never the WAN.  I have swapped cards... I have moved cards... I have set up static addresses, I have set up dhcp (ultimately need this to work through PPPOE) and still no communications... if I pull the OPT1(wan2) card out... then I DO have communications.  But as long as the OPT1 card is installed... no dice.  I even mixed up manufactures to insure there was no conflict with same model nic cards (I have seen issues here before).

The one thing in all instances I have tried to do and can not is to ping from within the webGUI out the wan port to the next hop.  As long as there is a 3rd (opt1) nic I can not do this... the moment I pull that out (physically)... it works.

Any suggestions?

Thanks to all

GruensFroeschli

minimum "some" information about your network…
@http://forum.pfsense.org/index.php/topic:

If you are looking for help on the forum because you have a problem:
provide as much information as possible.
(log-outputs, screenshots of config/rules, etc.)
Often a Diagram (ASCII ART ?) can help more than pages of descriptions how your network is set up.

hdokes

But of course…..

Status: Interfaces

WAN interface (rl1)

Status          up
MAC address 00:50:22:85:9e:b6
IP address          nnn.nnn.nnn.10   
Subnet mask 255.255.255.0
Gateway          nnn.nnn.nnn.1
ISP DNS servers dns.dns.dns.dn1
                         dns.dns.dns.dn2
Media 100baseTX <full-duplex>In/out packets 2/1808 (104 bytes/78 KB)
In/out errors 0/590
Collisions 0

LAN interface (rl0)

Status          up
MAC address 00:17:31:a3:6b:2b
IP address         192.168.10.1   
Subnet mask 255.255.255.0
Media 100baseTX <full-duplex>In/out packets 7938/5426 (884 KB/4.18 MB)
In/out errors 0/0
Collisions 0

WAN2 interface (fxp0)

Status         up
MAC address 00:90:27:3f:6c:b2
IP address         xxx.xxx.xxx.34   
Subnet mask 255.255.255.252
Gateway         xxx.xxx.xxx.33
Media 100baseTX <full-duplex>In/out packets 5493/12903 (494 KB/1.52 MB)
In/out errors 0/0
Collisions 0

Load Balancer: Pool

Name                     Type Servers/Gateways  Port       Monitor             Description

Both                     gateway     (balance)            wan     nnn.nnn.nnn.nn1
                                                                      opt1    xxx.xxx.xxx.x33    Both lines are up

WAN1FailsToWAN2    gateway     (failover)            opt1     xxx.xxx.xxx.x33
                                                                      wan      nnn.nnn.nnn.nn1 WAN 2 preferred when WAN 1 fails

WAN2FailsToWAN1    gateway     (failover)             wan      nnn.nnn.nnn.nn1
                                                                       opt1     xxx.xxx.xxx.x33 WAN 1 preferred when WAN 2 fails

Status: Load Balancer: Pool
   Pools       Virtual Servers

Name                    Type Gateways Status                                           Description
Both                     gateway       wan        Offline Last change Jan 18 2008 21:20:06   Both lines
                            (balance)      opt1        Online Last change Jan 18 2008 21:20:06

WAN1FailsToWAN2   gateway       opt1        Online Last change Jan 18 2008 21:20:06
                            (failover)     wan         Offline Last change Jan 18 2008 21:20:06  WAN 2

WAN2FailsToWAN1   gateway       wan         Offline Last change Jan 18 2008 21:20:06  WAN 1
                            (failover)     opt1         Online Last change Jan 18 2008 21:20:06

Firewall: Rules

LAN

Proto Source   Port  Destination   Port  Gateway              Description

*  LAN net   *    WAN2 net       *    WAN1FailsToWAN2   Make sure wan2 traffic goes to wan2

*  LAN net   * nnn.nnn.nnn.n33 *    WAN2FailsToWAN1   Make sure WAN1 traffic goes to WAN1   
    * LAN net   *         *       *    Both        Everything else gets shared

Diagnostics: ARP Table

IP address          MAC address    Hostname  Interface   
  nnn.nnn.nnn.nn33 00:50:2c:06:5b:40           WAN2
  192.168.10.10         00:11:85:5e:e2:bb             LAN

Let me know if there is anything you want to see.  I have masked the IP's however the names are consistant.

Interesting thing to note... through WAN2 I can remote desktop to a machine on the LAN... however... I can not remote desktop from that LAN machine to the one on the WAN2 side... nor can I ping outbound on WAN2.

Also... you'll notice the the WAN port does not show up in lists even tho it does show it's enabled and has a valid IP.

Thanks</full-duplex></full-duplex></full-duplex>

sai

*  LAN net   *    WAN2 net       *    WAN1FailsToWAN2   Make sure wan2 traffic goes to wan2     
*  LAN net   * nnn.nnn.nnn.n33 *    WAN2FailsToWAN1   Make sure WAN1 traffic goes to WAN1

I usually do routing like this using static routes, not firewall rules.

As long as the WAN gateway does not show up in the arp tables, you are not getting a physical connection and the WAN will not work. From your description, it looks like a hardware problem - maybe IRQ related. Try turning off anything not needed by pfsense in the bios. this can be audio, floppy ….if that does not help then upgrade bios.