Pfsense 2.0.1 - PC can only browse web with a dynamic DHCP IP (not static lease)
-
To determine whether another PC is using LAN IP 192.168.0.100, I'm looking under STATUS > DHCP LEASES.
Wasn't sure whether there was a config file that might have additional detail about DHCP static assignments beyond what is displayed in the UI. Thought perhaps the data might have become corrupted.
I am able to connect into 192.168.0.100 using \192.168.0.100 to browse file shares and Win RDP for example.
As for 192.168.0.100 not communicating outbound, I simple use ping to www.google.com as a test. Or launch a browser on the 192.168.0.100 PC and attempt to access any web site. Not outbound traffic is being permitted.
Thanks for your help.
-
and did you try setting it to .99 or .199 or 143?
Also again dhcp has NOTHING to do with anything unless you clicked on static arp? Which can be used to block access to pfsense.
-
and did you try setting it to .99 or .199 or 143?
Also again dhcp has NOTHING to do with anything unless you clicked on static arp? Which can be used to block access to pfsense.
Now that you mention it, when I change the same PC to a static 192.168.0.99, .199 or .143, it works without issue. Only .100 results in the inability to access the internet from the PC.
Also, I am not using static ARP.
-
So what are your lan rules?
So I would have to assume you have some firewall blocking .100 or you got some issue with duplicate IP? When you say pfsense can reach .100 – can it still reach it when you change this pc .99?
-
So what are your lan rules?
So I would have to assume you have some firewall blocking .100 or you got some issue with duplicate IP? When you say pfsense can reach .100 – can it still reach it when you change this pc .99?
johnpoz, yes, I can still RDP to the machine once it is set to 192.168.0.99. In fact, it appears that if I assign ANY PC on my LAN a static IP of 192.168.0.100, that PC is unable to access the internet (ping, web, etc.). Since this box is a server, I'm particular about it having a static IP of 192.168.0.100.
My LAN rules are as shown.
http://postimage.org/image/a6q8rbdvt/ -
Since this box is a server, I'm particular about it having a static IP of 192.168.0.100.
Could it be that you have AoN rules or 1:1 NAT for this particular IP?
I often define my own AoN rules for servers to do some source NAT for VPN stuff. -
You misunderstood the question - when you change this machine .99, can you still talk to a .100 ?
What is the point the echo rule? Dest is the lan net? That rule would never be used.
-
I encountered a strange issue with pfsense 2.0.1-release.
I encountered a similar problem earlier. Did you try to remove all unneccessary rules and reboot the firewall(s)?
Do you have several routers/gateways on the same network?
Do you have several different dhcp servers on the lan?
We had a test pc running Win XP and finally had to give up; it seems Win XP "does something wrong" (not following standards/protocols correctly probably), When we connected a test-computer running Mac OS X everything worked fine.Cheers,
/E -
I encountered a strange issue with pfsense 2.0.1-release.
I encountered a similar problem earlier. Did you try to remove all unneccessary rules and reboot the firewall(s)?
Do you have several routers/gateways on the same network?
Do you have several different dhcp servers on the lan?
We had a test pc running Win XP and finally had to give up; it seems Win XP "does something wrong" (not following standards/protocols correctly probably), When we connected a test-computer running Mac OS X everything worked fine.Cheers,
/EWindows XP does not do anything wrong. There is something wrong with your configuration somewhere.
-
it seems Win XP "does something wrong" (not following standards/protocols correctly probably), When we connected a test-computer running Mac OS X everything worked fine.
Not going to say that MS does everything by the RFC's - but come on XP at one point was what 80+ % something of the market share for OSes.. You can find this sort of info at http://www.netmarketshare.com/operating-system-market-share.aspx?qprid=10
It currently shows still having 35% of the market – that is still a shit load of computers. If it was doing something wrong that broke networks or didn't work with devices, etc. It would be a pretty big issue and would of never gotten any significant share of the market.
