2.1 New Install - Strange Issues

garyhook

Ok…I've installed 2.1 - 8/27 version about 6 times today on different machines.  Each install goes fine until I try to configure access to SSH and webgui from the WAN.  I have the appropriate rule in the WAN Rules tab entered but not able to access.....something else strange is from the LAN side I'm able to ping any WAN address...www.google, etc. but NOT able to browse to it in a web page?  I have a LAN rule allowing everything to the WAN subnet....I'm just confused!

I've entered a rule on the WAN side allowing ICMG and am able to ping WAN address.

I've tried to shut off all of the IPv6 stuff as i thought that was the problem?

Any help would be appreciated!

podilarius

Could be any number of problems. First, what is the WAN and LAN ips?
what does a traceroute look like?
What are the rules that you have created or modified?
Did you setup DNS in firewall general settings?

Any detailed information would be helpful.

garyhook

WAN IP - 184.56.XX.XX (public)
LAN IP - 172.XX.XX.XX (Private)

Rules:  WAN#1 - Allow all ICMP
          WAN#2 - Allow ALL to port 8080
          WAN#3 - Allow ALL to port 222

I've enabled webgui in the system –> Advanced tab to http, TCP 8080,  sshd - port 222

On system --> General Setup I've enabled DNS Servers 4.2.2.2 and 8.8.8.8 to use the WAN Gateway...have "Allow DNS server list to be overridden by DHCP/PPP on WAN" checked.

wallabybob

@garyhook:

I've enabled webgui in the system –> Advanced tab to http, TCP 8080,  sshd - port 222

These are non standard port numbers. You didn't mention if your access attempts also specify the corresponding non-standard port number.

Perhaps you also need to restart the servers on pfSense AFTER specifying the non-standard port numbers.

@garyhook:

from the LAN side I'm able to ping any WAN address…www.google, etc. but NOT able to browse to it in a web page?

In almost all cases the exact text of the browser error report is much more informative than "not able to browse".

podilarius

Also rules on you LAN, WAN, and NAT are going to be important also. What type of NICs? How about a traceroute to see how are you are getting?

garyhook

rebooted several times just to make sure…..the "not able to browse" is just reflective of the typical M$ error page in IE.  No error codes in the browser at all....just reported "This webpage is not available...could not load the webpage because XXXXXXX took too long to respond...Here are some suggestions:...etc., etc.

I'll do a trace route in a bit and post it back.

garyhook

Ok…sorry to bother the forum with this issue....it's fixed now after 7 hours of messing around.  The problem resided in the use of Sabrenet NT-USB20 USB to Ethernet device on the WAN.  Weird that the device, when connected, was recognized and allowed me to set up the box.  I was able to get a DHCP connection and was able to ping through the device tp www.google.com and other but was not able to browse outside the LAN network with computers on the LAN.  The LAN card is a MB Nvidia.

With NO changes to the rules or the Box other than swapping out the device to a StarTech USB/Ethernet dongle.  The dongle was setup as the ue0 device as ta-dah!  Success!  Am able to browse the internet from the LAN and access the webgui and sshd from the WAN.