No connection through pfSense
-
I've today tried to setup a pfSense on a Dell PowerEdge 1750 (dual 3.06GHz XEON 4GB RAM) but something is wrong :(
I've tried both pfSense 1.2.2 and the newest stable release, both with same outcome.
pfSense is connectible from LAN, DHCP server hands out IP's at a glance.
WAN is DHCP and recieves the IP from ISP as it should.But that's about it! NO connection LAN <-> WAN, not from pfSense and not from LAN clients.
I've tried several configurations during the day, none of them made any difference.
Any suggestions what could be the error?
-
With no technical details, it's impossible to say.
With a default install, if you've correctly identified the LAN and WAN interfaces, it should just work. Try a fresh install of 2.0 and check that your WAN interface has the ISP allocated address. Remember that many cable modems require a power cycle before they'll route traffic for a new device.
-
Hi,
Exactly the same thing has happened to me.
I set up pfSense in a virtual machine and configured all pysical and virtual machines' IP's to make internet connections through pfSense virtual machine.
Now, I'm typing this message from a pysical machine whose internet connection is made through pfSense virtual machine. This means pfSense working OK and I can make correct settings.
I have another pysical machine, but what happens to it is the same as the friend had told above. No internet connection is present except from dns queries. I can ping google.com, but I can not browse any site via either Firefox or wget.
I use Ubuntu 10.04 and configured my static IP's in /etc/network/interfaces which I did the same thing in a virtual machine which is working great now.
Any ideas?
-
For both of you, the first test is to see if a machine on the LAN can ping the WAN address of the pfsense. If you can, then ping the WAN gateway. If that works, then it is setup correctly and something else having to do with your router might be the problem. One thing you will also need to check is that if you are getting a private IP from your WAN DHCP, then you will need to make sure that the WAN interface option of blocking private networks is turned off.
ceremcem, if you can ping google.com, the internet connection is made. If you cannot browse, this is usually a DNS problem.
-
Hi,
Thanks for the quick answer.
I can ping both pfSense's WAN IP and pfSense's gateway from the machine which has problematic internet connection (Laptop). I can browse pfSense's web gui from the Laptop also.
I would think if I could ping google.com, then this proves that DNS settings are working as expected. I'm sure that DNS settings are correct because when I check /etc/resolv.conf I can see "nameserver 8.8.8.8" and when I change my IP and default gateway, everything works correctly. Also I have to add this: When I type google.com in my web browser and wait for about 2 minutes, title of the page comes. After 5 minutes, favicon could be seen. But no body of the page could be seen until "Page can not be loaded" message is shown.
So, could we say "This means extremely slow internet connection problem"?
Edit: There is another issue now. I could connect to this site, started to write my reply but couldn't post it because there was no internet connection on this working machine either. Now I'm directly connected to the gateway.
-
I reset my pfSense box to the factory defaults. While setting up interfaces, pfSense complains with the message "No link-up detected." . I'm digging in.
-
What type of NICs do you have in the machine?
-
I restarted pfSense, made interface setup by hand. Then changed IP settings on the "client" machine to connect pfSense and pfSense seemed to start working.
When I tried to connect gui, "500 internal server error" was shown. I looked at the virtual machine screen, "symlink error, no space left on the device" error was shown. I'm erasing all of them, downloading an iso image and I will set them all up from scratch with a 8 GB space.
Also: I can not understand what you mean with the NIC related question, since I have limited knowledge about what you are possibly talking about. Let me learn some, I will get back to you.
-
Also I have to add this: When I type google.com in my web browser and wait for about 2 minutes, title of the page comes. After 5 minutes, favicon could be seen. But no body of the page could be seen until "Page can not be loaded" message is shown.
So, could we say "This means extremely slow internet connection problem"?
No, just your browser filling in from cache.
-
I'm using Ubuntu on all the machines.
This is the working configuration of THE_PROBLEMATIC_MACHINE:
Contents of "over-modem.sh":
#!/bin/bash ifconfig wlan0 192.168.0.11/24 route add default gw 192.168.0.1 wlan0 ifconfig wlan0 route -n
Execution output:
ceremcem@cca-peynir:~$ sudo ./over-modem.sh [sudo] password for ceremcem: wlan0 Link encap:Ethernet HWaddr 74:f0:6d:09:91:54 inet addr:192.168.0.11 Bcast:192.168.0.255 Mask:255.255.255.0 inet6 addr: fe80::76f0:6dff:fe09:9154/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:68556 errors:0 dropped:0 overruns:0 frame:0 TX packets:60755 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:44370422 (44.3 MB) TX bytes:15999975 (15.9 MB) Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 wlan0 0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 wlan0
traceroute output:
ceremcem@cca-peynir:~$ traceroute google.com traceroute to google.com (173.194.67.106), 30 hops max, 60 byte packets 1 10.12.0.1 (10.12.0.1) 16.806 ms 16.599 ms 16.457 ms 2 172.25.35.25 (172.25.35.25) 16.365 ms 16.222 ms 16.096 ms 3 * * * 4 izmr-2-2-izmr-3-4.turktelekom.com.tr (81.212.222.41) 21.540 ms 21.479 ms 21.407 ms 5 uls-2-2-izmr-2-2.turktelekom.com.tr (81.212.26.210) 35.391 ms 37.496 ms 37.396 ms 6 ms-col-2-uls-2-2.turktelekom.com.tr (212.156.102.81) 92.361 ms 82.691 ms 91.997 ms 7 212.156.102.14.static.turktelekom.com.tr (212.156.102.14) 93.065 ms 93.257 ms 93.689 ms 8 209.85.254.92 (209.85.254.92) 92.202 ms 209.85.254.250 (209.85.254.250) 86.555 ms 94.451 ms 9 209.85.255.70 (209.85.255.70) 94.415 ms 94.342 ms 209.85.255.72 (209.85.255.72) 94.304 ms 10 209.85.240.158 (209.85.240.158) 107.233 ms 209.85.240.221 (209.85.240.221) 107.157 ms 209.85.240.158 (209.85.240.158) 107.118 ms 11 209.85.250.165 (209.85.250.165) 107.020 ms 106.941 ms 209.85.250.167 (209.85.250.167) 110.486 ms 12 * * * 13 wi-in-f106.1e100.net (173.194.67.106) 104.037 ms 103.917 ms 99.949 ms
If I change the ip in that way, internet connection disappears:
Contents of "over-pfsense.sh":
ifconfig wlan0 10.0.1.11/24 route add default gw 10.0.1.1 wlan0 ifconfig wlan0 route -n
Here is execution output:
ceremcem@cca-peynir:~$ sudo ./over-pfsense.sh wlan0 Link encap:Ethernet HWaddr 74:f0:6d:09:91:54 inet addr:10.0.1.11 Bcast:10.0.1.255 Mask:255.255.255.0 inet6 addr: fe80::76f0:6dff:fe09:9154/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:70024 errors:0 dropped:0 overruns:0 frame:0 TX packets:61680 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:46251309 (46.2 MB) TX bytes:16106481 (16.1 MB) Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 10.0.1.0 0.0.0.0 255.255.255.0 U 0 0 0 wlan0 0.0.0.0 10.0.1.1 0.0.0.0 UG 0 0 0 wlan0
Here is traceroute output:
ceremcem@cca-peynir:~$ traceroute google.com traceroute to google.com (173.194.67.105), 30 hops max, 60 byte packets 1 10.0.1.1 (10.0.1.1) 2.057 ms 2.972 ms 2.846 ms 2 10.12.0.1 (10.12.0.1) 11.241 ms 11.131 ms 19.620 ms 3 172.25.35.25 (172.25.35.25) 20.677 ms 21.907 ms 21.764 ms 4 * * * 5 izmr-2-2-izmr-3-4.turktelekom.com.tr (81.212.222.41) 26.902 ms 26.842 ms 26.620 ms 6 uls-2-2-izmr-2-2.turktelekom.com.tr (81.212.26.210) 39.045 ms 29.144 ms 30.038 ms 7 ms-col-2-uls-2-2.turktelekom.com.tr (212.156.102.81) 89.296 ms 89.214 ms 89.151 ms 8 212.156.102.14.static.turktelekom.com.tr (212.156.102.14) 100.893 ms 100.825 ms 100.748 ms 9 209.85.254.92 (209.85.254.92) 100.616 ms 100.556 ms 209.85.254.250 (209.85.254.250) 100.446 ms 10 209.85.255.74 (209.85.255.74) 101.237 ms 209.85.255.72 (209.85.255.72) 106.939 ms 106.875 ms 11 209.85.240.158 (209.85.240.158) 113.903 ms 209.85.240.221 (209.85.240.221) 112.697 ms 110.949 ms 12 209.85.250.165 (209.85.250.165) 99.229 ms 209.85.250.167 (209.85.250.167) 100.491 ms 209.85.250.165 (209.85.250.165) 102.901 ms 13 * * * 14 wi-in-f105.1e100.net (173.194.67.105) 220.406 ms 222.355 ms 220.278 ms ceremcem@cca-peynir:~$
From THE_PROBLEMATIC_MACHINE, I can ping the machine and browse the gui of pfsense but I can not have the internet sites (eg. google.com).
I don't know how I could debug the problem any further… Any ideas?