Pfsense Initial Setup Lan Issue
-
Ok, so I apologize for how stupid this likely is.
I have installed pfsense and setup is as follows:
Modem (Cisco DPC3825) (IP=192.168.0.1, Subnet Mask=255.255.255.0) –> WAN (IP=192.168.0.12 Static, Subnet Mask=255.255.255.0, Gateway=192.168.0.1 ) pfsense LAN (IP=192.168.1.1, Subnet Mask=255.255.255.0, Gateway=none, DHCP Enabled). Now the eventual goal is to add a wireless router to the LAN and connect several devices to it and configure the pfsense to act as a firewall, but I digress.
The trouble I currently have is if I plug my PC directly into the pfsense LAN I cannot ping the LAN, and therefore cannot access the web GUI to set everything else up.
Thoughts? (likely something obvious). Here is ipconfig dump from PC:
C:\Users\Aaron>ipconfig Windows IP Configuration Wireless LAN adapter Local Area Connection* 20: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Wireless LAN adapter Wi-Fi: Connection-specific DNS Suffix . : Link-local IPv6 Address . . . . . : fe80::c5ce:fab9:7161:e8cc%34 IPv4 Address. . . . . . . . . . . : 192.168.0.11 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.0.1 Ethernet adapter Ethernet: Connection-specific DNS Suffix . : Link-local IPv6 Address . . . . . : fe80::d434:16bb:af69:31ec%33 IPv4 Address. . . . . . . . . . . : 192.168.1.10 Subnet Mask . . . . . . . . . . . : 255.255.255.0 IPv4 Address. . . . . . . . . . . : 192.168.1.35 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.1.1 Ethernet adapter Bluetooth Network Connection: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Ethernet adapter VMware Network Adapter VMnet1: Connection-specific DNS Suffix . : Link-local IPv6 Address . . . . . : fe80::b0e1:bb95:bd24:12d7%19 IPv4 Address. . . . . . . . . . . : 192.168.75.1 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : Ethernet adapter VMware Network Adapter VMnet8: Connection-specific DNS Suffix . : Link-local IPv6 Address . . . . . : fe80::108:ff70:6800:d934%20 IPv4 Address. . . . . . . . . . . : 192.168.56.1 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : Tunnel adapter isatap.{BB9F420A-FD3C-49FC-9B5C-0704EBEE21FB}: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter Teredo Tunneling Pseudo-Interface: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter isatap.{49DA2FDF-0906-443E-89B6-A467265E13A6}: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter isatap.{DF339F24-DF79-4C2E-A5A4-D2BAA8B61B41}: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter isatap.{71184B2B-96A1-45B1-A9F0-989793EFC407}: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : C:\Users\Aaron> -
The wired ethernet is showing two IP address, this is likely a windows problem, trying doing a release/renew or "Repair" on the ethernet connection
and see if that helps. If that doesn't get it, try doing a "arp -a" to print the arp table. -
I have fixed reset the PCs ethernet adapter. My issue still exists however. For one, LAN does not give my system an IP, despite the fact it is setup to. I am confident now this is an issue with the pfsense side of things, so here is some information about that side. The pfsense system can call out to the internet no problem, it is the LAN causing issues. in ifconfig the LAN shows as "re1" but in the main menu it shows as usbus0… not sure if that matters?
Im getting close to my wits end with this so if any information is required to help me please let me know as this is driving me insane.
-
" in ifconfig the LAN shows as "re1" but in the main menu it shows as usbus0… not sure if that matters?"
Can you show us your pfsense interfaces, under status
if your not getting IP from the dhcp server running on pfsense - yes this points to problem. So your manually setting IP on your PC, when you try and ping the pfsense lan IP, and then look in you arp table
arp -a
Do you see anything for the pfsense IP?
-
I cannot show you the pfsense interfaces because I cannot access the webgui, because I cant communicate with LAN. So as you said, I plugged my PC into the LAN in pfsense, and manually assign (because DHCP is not working apparently) and IP in the same subnet as my lan, using the same mask, and the LAN IP as the gateway. I still cannot ping the LAN ip, or access the webgui. ARP table shows nothing for pfsense. I did a little troubleshooting from the pfsense box itself, which yielded something interesting.
First, I pinged my mode, which worked fine.
Then I pinged Google (8.8.8.8), that worked no problem.
Then I pinged my LAN IP which worked fine.
Then I tried pinging the PC that is connected to LAN, and the system kernel panicked.
So I tried again… same result. Anytime I try to ping through the LAN interface, a kernel panick... I hope someone has an idea :( -
another update… apparently the interface was not going up by default so I had to "ifconfig re1 up"
and after that, there was no inet address so I had to "ifconfig re1 172.16.0.1 up"still does not work though.
-
Im starting to think I have an unsupported NIC (DLink DGE-530T) and this can't be resolved, which is awesome.
-
I can now ping my PC on LAN subnet without kernel panic…
-
I can now ping anything on the LAN subnet from the pfsense box, but not the pfsense box from the LAN subnet.
My arp table is as follows:
C:\Users\Aaron>arp -a Interface: 169.254.18.215 --- 0x13 Internet Address Physical Address Type 224.0.0.22 01-00-5e-00-00-16 static 224.0.0.252 01-00-5e-00-00-fc static Interface: 169.254.217.52 --- 0x14 Internet Address Physical Address Type 224.0.0.22 01-00-5e-00-00-16 static 224.0.0.252 01-00-5e-00-00-fc static Interface: 172.16.0.37 --- 0x2f Internet Address Physical Address Type 172.16.0.1 90-94-e4-5f-55-85 dynamic 172.16.255.255 ff-ff-ff-ff-ff-ff static 224.0.0.22 01-00-5e-00-00-16 static 224.0.0.252 01-00-5e-00-00-fc static 255.255.255.255 ff-ff-ff-ff-ff-ff static C:\Users\Aaron> -
172.16.0.1 is the pfsense LAN IP, and that is the correct Mac address for it, but I still can't access the web-interface
-
Im starting to think I have an unsupported NIC (DLink DGE-530T) and this can't be resolved, which is awesome.
What is the FreeBSD device name for your LAN device? (displayed by shell command```
/etc/rc.banner
What version of pfSense are you using? Your arp table shows entries in the 172.16.0.37/x subnet but your pfSense LAN IP address is 192.168.1.1. How does the system whose arp table you displayed get to the pfSense LAN interface? -
Sorry, my pfsense LAN IP is not 192.168.1.1 anymore, i had modified it to 172.16.0.1 for later avoidance of VPN issues. I thought I had mentioned that but must have forgotten. I am running the beta version as this was the only version to even detect my NIC. The LAN device is labeled "usbus0"
-
Sorry, my pfsense LAN IP is not 192.168.1.1 anymore, i had modified it to 172.16.0.1 for later avoidance of VPN issues.
Did you reboot after changing the LAN IP address. It has been my experience that a reboot seemed to me necessary after changing subnet of interface.
I am running the beta version as this was the only version to even detect my NIC. The LAN device is labeled "usbus0"
So you are using a GigE device for your WAN interface and a USB NIC for your LAN? Strange choice! It is while since I used a USB NIC, but I have a recollection the device name of USB NIC was something like ue0, udav0 etc not a name of an I/O bus. Please post the output of pfSense command```
ifconfig
-
Resolved…
added hw.usb.no_pf=1 to loader.conf file. The issue was with my interface being given two names by pfsense, and neither being configurable.
