Pfsense has connection, connected machines don't
-
Tracing route to 8.8.8.8 over a maximum of 30 hops
1 <1 ms <1 ms <1 ms 192.168.0.1
2 * * * Request timed out.
3 * * * Request timed out.
4 * * * Request timed out.
5 * * * Request timed out.
6 * * * Request timed out.
7 * * * Request timed out.
8 * * * Request timed out.
9 * * * Request timed out.
10 * * * Request timed out.
11 * * * Request timed out.
12 * * * Request timed out.
13 * * * Request timed out.
14 * * * Request timed out.
15 * * * Request timed out.
16 * * * Request timed out.
17 * * * Request timed out.
18 * * * Request timed out.
19 * * * Request timed out.
20 * * * Request timed out.
21 * * * Request timed out.
22 * * * Request timed out.
23 * * * Request timed out.
24 * * * Request timed out.
25 * * * Request timed out.
26 * * * Request timed out.
27 * * * Request timed out.
28 * * * Request timed out.
29 * * * Request timed out.
30 * * * Request timed out.Trace complete.
-
The most likely thing is that you have something on the Windows clients that is interfering (a software firewall or some other package).
Can you try booting into a Linux live CD (such as Ubuntu) and see if you get the same result?
-
Just tested using my laptop(OS X) and the result was the same. Roommates laptop(Joli OS) has same result.
-
Just tested using my laptop(OS X) and the result was the same. Roommates laptop(Joli OS) has same result.
I presume you mean that on both machines a traceroute 8.8.8.8 displayed @No1451:
Tracing route to 8.8.8.8 over a maximum of 30 hops
1 <1 ms <1 ms <1 ms 192.168.0.1
2 * * * Request timed out.
3 * * * Request timed out.
. . .I would check the traceroute (or ping 8.8.8.8 ) is really arriving on the pfSense LAN interface. (Perhaps you have another system on your LAN with IP address 192.168.0.1)
-
(Perhaps you have another system on your LAN with IP address 192.168.0.1)
That's one thing that came to mind. Another, maybe LAN and WAN are on the same subnet, which of course won't work.
Attaching the full config backup would at least show us whether your config is sane.
-
Just tested using my laptop(OS X) and the result was the same. Roommates laptop(Joli OS) has same result.
I presume you mean that on both machines a traceroute 8.8.8.8 displayed @No1451:
Tracing route to 8.8.8.8 over a maximum of 30 hops
1 <1 ms <1 ms <1 ms 192.168.0.1
2 * * * Request timed out.
3 * * * Request timed out.
. . .I would check the traceroute (or ping 8.8.8.8 ) is really arriving on the pfSense LAN interface. (Perhaps you have another system on your LAN with IP address 192.168.0.1)
That is what I meant, yes. I have nothing else on the network with the same IP(and I have tried alternative IPs as well to rule that out as a possibility). When running a ping/traceroute there wasn't any reported activity in the log(I was watching firewall).
I'm fairly certain that WAN and LAN are on separate subnets, LAN is on /24 and WAN is entirely handled by DHCP.
My config file: http://dl.dropbox.com/u/9118076/config-pfSense.localdomain-20111010144530.xml
-
Your laptops apparently are using 192.168.0.1 as their gateway. The pfSense LAN interface IP address in the configuration file is 192.168.0.2.
What has IP address 192.168.0.1 and why are your clients routing through it?
I'm fairly certain that WAN and LAN are on separate subnets, LAN is on /24 and WAN is entirely handled by DHCP.
?
WAN having its IP address assigned by DHCP is not sufficient to guarantee it will get an IP address in a different subnet from the subnet you have assigned to LAN.I don't recall you mentioning what you have upstream of the WAN interface. Lots of small routers/modems use 192.168.0.0/24 as their LAN so one of them would assign your WAN interface an IP address on 192.168.0.0/24 which is the same subnet as your LAN. I suggest you check your WAN IP address (Status -> Interfaces) and report it here. If there is a conflict with your LAN subnet I suggest you move your LAN subnet to 192.168.251.0/24 (or something else well away from 192.168.0.0/24) and adjust the DHCP range on the LAN interface accordingly, restart pfSense, connect a client, cold start (fresh start, not 'resume from suspend' or the like) the client (to ensure you completely refresh its network configuration) and then test.
-
It being on 192.168.0.2 was due to a test(to see if there may be something that wasn't showing up on 192.168.0.1 that was conflicting).
24.52.224.193 is the gateway listed under Status–>Interfaces for WAN.
Should it normally be this hard to get pfsense set up to do something as basic as normal router functionality?
-
Should it normally be this hard to get pfsense set up to do something as basic as normal router functionality?
Are you referring to the length of time from your first post to now and that you still don't have it working? I'm sure it didn't take me anything like that long to get my first pfSense configuration working.
Some things haven't helped. Sometimes there have been long intervals between someone asking for information and you replying. There are probably good reasons for that. I'm just saying those intervals haven't helped.
I asked for the WAN IP address but instead you gave me the IP address of the WAN gateway. Please provide the IP address of the pfSense WAN interface.
I noticed your configuration file still has a gateway on the LAN. This appears unnecessary. The configuration file of my production pfSense has two gateways on the LAN but these correspond to actual gateways for "downstream" networks. The configuration file for my test pfSense has no gateways on LAN and it works fine. I don't know if removing your unnecessary gateway definition will help but in the interests of making the configuration as simple as possible please delete the LANGW gateway through the web GUI, confirm it has gone from the configuration file, reboot pfSense to ensure the running firewall has no hint of the LANGW and retest.
-
Well damn, that was a ridiculously simple fix. Thanks
-
What was the ridiculously simple fix? There were a number of configuration problems.
-
May i make assumption. DHCP was serving .1 address as gateway and pfsense were .2?
