[solved] issues with mac filtering
-
Try to ping a public IP address like 8.8.8.8 from the pfsense webGUi and make sure that pfsense has access to internet or to the network on the WAN interface.
-
I'm able to ping 8.8.8.8 from pfsense, not from my computer behind pfsense
-
Did you add a firewall rule on the LAN side where yor PC is connected with allow "any to any" on top of all other rules ?
Can you ping the WAN ip of pfsense from your client ?
-
I haven't edited the firewall, so the default LAN -> Any is still there.
I can ping the WAN address of pfsense and the gateway listed in pfsense.
-
Strange. If you can ping www.google.de and 8.8.8.8 from the pfsense's webGUI then there is a connection.
If your pfsense is doing NAT - what it does in general - then there should be no problem connecting more clients.Can you take screenshots of:
- General Setup
- Gateways
- Firewall
- WAN interface
- DHCP Server options for the clients behind pfsense
-
I'm stumped too, that's why I posted.
I'm running 1.2.3 so I don't have the gateway tab.
For Some reason it's not allowing me to attach all my screenshots,
I'll attach General Setup, and WAN.
As for the rest of WAN: Bogon Networks and Private Networks are not blocked.
Firewall: There are no WAN rules (Could the portal need a port forwarded for something?), The only LAN Rule is the default LAN -> Any
DHCP Server: All the options are blank except for Range (192.168.100.10-192.168.100.245).
Also, my NAT Setup: No Port Forward or 1:1 Rules, Outbound Rules are set to automatic.
Let me know if you need anything else, I'll let you know if I fudge it into working too (I'm messing with it too.)
THANKS FOR THE HELP!
-
Hi,
in general this looks ok.
1.) Try to uncheck "Allow DNS serverlist to be overwritten"
2.) Enter 8.8.8.8 as DNS Server (it google's DNS)
3.) Why are you spoofing yor MAC ? Can you use the original pfsense MAC ? Some systems recognize if the MAC according to IP has changed.Port forwardings are not necessary.
What you can try is to create an allow "any to any" rule on your WAN site. Then try if you can browse the web from your client. But be careful - everyone else then can access your network. This is only for testing.
But after that I am really out of ideas :(
-
I got it working!
I set up DNS forwarder, and installed squid. I'm not really sure why it works or what the underlying issue was, but this seems to be an effective workaround.
Thanks for the help.
EDIT: I say this, but since squid is only a web proxy, no other web service (email, ftp) works, Is there a workaround for this?
-
Hi,
if you are running squid in transparent mode, thean squid is only proxying http ( 80 ). If squid is running in non-transparent mode (than you have to enter the proxy ip in the web browser) is caching http, https and ftp (80,443,21). Try this.
Further you can try with:
Disable X-Forward: checked
Disable VIA: checked -
Awesome, Works like a charm.
Thanks again.