Cannot connect to the internet using pfsense.
-
If it were me- Id put the modem in bridge mode… Let pfSense handle the routing... then look up how to use the Dlink as an AP and switch only...
+1
In your current layout with pfsense getting private on wan, the pfsense doing nat by default, then your dlink doing nat again by default –> you would be doing triple nat before a client gets an IP from your dlink -- why would you want that?
-
Sorry its been a while since I replied back. Work came down on me like a ton of bricks, Ive barely been home.
I am still needing some help with this. I like the idea of bridging the modem with the pf sense box and using the dlink as an AP. What exactly would bridging the connections do? and how would I go about setting this up? Are are there any links to any tutorials or the like?
-
Bridging is done by your modem and effectively means your pfSense box becomes the ISP connected device. The manual of your modem should tell you how to do that. The same applies to your D-Link device - check the manual to see if it has a dedicated AP mode (if it doesn't just set it to have a LAN IP outside of the DHCP range and connect it to the switch using a LAN port only).
-
Im trying to find how to bridge the modem I have, but I'm having a really hard time finding anything useful, it doesn’t seem to be a very known brand. Its a Terayon TJ715X. If I am unable to bridge the modem, than I guess my next question would be; Is it necessary to do so, or is there something else I could do?
-
You sure thats your model number?
From this thread
http://www.dslreports.com/forum/remark,9183491That model number seems to be just a cable modem, not nat device - but clearly your wan is a private on your pfsense. So your set to dhcp on your pfsense wan?
-
The most likely problem you are having is that your WAN and LAN are in the same subnet, 192.168.1.X, and this has broken routing.
To get working just change you LAN IP to some other subnet. 172.16.1.1/24, as Cry Havok suggested, is almost certain not to be in use by anything else. If you do this using the console it will also change your dhcp server settings, which is good!Once you get working try to bridge your modem. One step at a time. ;)
Steve
@Johnpoz: He is also using a D-link router which may be doing NAT.
-
The router is after pfsense from what he stated.
Maybe he is not connected to the right interface - maybe he has lan connected to modem and wan connected to router? But if that was the case and connected to the routers wan - he would not be getting a IP.
-
OK, I have tried everything thats been suggested except bridging the connection and I am still getting no where. I have also noticed that no matter what I do at this point the WAN interface does not have an IP address. it just says 0.0.0.0 (DHCP)
Also Im not sure why my WAN originally showed 192.168.1.107, It must have been a fluke or an improper configuration, I have since reformatted and started fresh and it has been all zeros ever since.
-
With many cable modems they will only hand out IP addresses to a single computer (MAC address) so you often have to power cycle the modem to make it 'see' a new device. In some cases it may be necessary to spoof the MAC of your pfSense WAN address to match your old router.
Steve
Edit: V ;)
-
Ok 0.0.0.0 is better than a private! So if your connected to a "cable" modem and your not getting an IP from your ISP. Then have you rebooted your modem? Remove power from it and turned it back on.
Quite often when a new mac is seen on the modem you have to reboot it to allow the new mac to work. If you had your computer/router connected to say your modem, and then you connect a different box that is going to be pfsense - then you need to power cycle your modem so that pfsense mac will work with it.
edit: ^ Jinks! stephenw10 ;)
-
I have actually tried power cycling the modem several times along with spoofing the MAC from my PC, but I have not tried the MAC from the Dlink. I will give it a try and let you know.
-
OK I got it! My ISP had to recognize it from there end apparently, so all is well in that area now. So the last step in what I'm trying to do should be simple. My pfsense box only has 2 network cards, one WAN and LAN, at this point I want to be able to use my dlink to connect all of my computers and such. I believe I know how to get my dlink to act as an AP, but will that configuration work for wired computers as well as wireless?
Again, my end goal is;
Modem->pfsense->dlink->everything else (wired and wireless)the guide I found to set my dlink to AP mode is here: https://blogs.oracle.com/simonthorpe/entry/configuring_a_dlink_dir_655_as
it seems like it should work great, but it makes no mention of whether or not I can still use the remaining LAN ports.EDIT: I temporarily have the LAN of pfsense connected to WAN of dlink and my network is functioning like normal, however I assume this means the dlink is still handling everything and is doing nothing more than passing through pfsense. I would prefer pfsense to handle everything and the dlink to basically function as nothing more than extra lan ports and wifi access if possible.
-
Generally speaking you can use a router as an access point and switch by simply disabling the dhcp server and connecting to one of the lan ports. Leave the wan port empty.
However you may be able to set the d-link purely as an access point, disabling routing and NAT, and use the wan port. This would obviously give you more usable switch ports .Pretty much what's described in that blog post. ;)
Steve
-
OK, thanks. I will hopefully have time to give it shot tonight. I really appreciate everyone’s help. you all have been amazingly helpful.
-
Yup! It really was that simple. thank you all for your help. I have everything set-up exactly how I wanted it, and because of the AP advice I actually have a better configuration than I was originally shooting for. Thank you.
-
I do have one last question. Now that this is all set-up I can no longer access the webui for my dlink. It it still set to 192.168.1.1, But I have pfsense running on 172.168.1.x. I can access pfsense webui fine, but not my dlink.
-
I hope you meant 172.16.1.x range, since 172.168. is a routeable IP address used on the Internet…
To access your D-Link change the IP of your desktop/laptop to 192.168.1.2 and then set the IP of the D-Link to be something outside of the DHCP range pfSense is allocating (eg 172.16.1.2).