Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Install help for a nanobsd system

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    28 Posts 4 Posters 6.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • W
      wallabybob
      last edited by

      For some reason the pfSense default route points to the IP address of your LAN interface. I can't imagine a circumsance in which that would be a useful thing to do.For some reason you have routes to particular individual web sites, perhaps trying to correct an earlier mistake. I suspect you have done more to your system than you have owned up to!

      When pppoe starts up on WAN the default route is normally set to the IP address of the other end of the PPPoE connection.

      1 Reply Last reply Reply Quote 0
      • P
        phil.davis
        last edited by

        It looks like you have some non-default settings in System->Routing Gateways:

        1. WAN (probably called WAN_DHCP or similar) - monitor IP set to 8.8.8.8 - that will add a specific route to your routing table sending 8.8.8.8 out WAN (your pppoe) - this is a good thing and the reason you can ping 8.8.8.8
        2. GW_LAN in your screen shots - there seems to be a (default) gateway set on LAN - normally LAN should have no gateway, and almost never is the default gateway.
          Suggestion: change the default gateway to WAN and then delete GW_LAN. (edits/deletes in System->Routing Gateways tab)

        As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
        If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

        1 Reply Last reply Reply Quote 0
        • L
          Legion
          last edited by

          Thank you very much, wallabybob and Steve (and phil, as I was typing my reply)! Posting from pfSense now, before I take it down again and lock it down. No doubt many more questions to come.

          wallabybob, it was a case of Hanlon's Razor I think.

          I don't remember configuring it, but I ended up with two gateways on here:

          with the LAN being the default and probably pointing to 192.168.2.1 (i.e. itself). Maybe I did that from the pfSense CLI when setting interface IP addresses?

          Deleting the default LAN one and setting the default to WAN did the trick.

          Also, if I manually set DNS servers (my ISP and the two google ones) as Steve suggested with my 2.0.2 build, they appear in the routing table like this:

          Clearing out those settings (obviously the bug's fixed in 2.1), I end up with a table that looks like this:

          which "feels" more like it should now that I have a vague clue what to look for.

          Now that I've gotten the system up and running, be prepared for 1000 more dumb questions as I delve into the world of pfSense. Next steps, WLAN interface, VPN access to the webGUI, certificate or time-based rules for three restricted users w/ unlimited access for two other users, locking everything up based on MAC addresses, setting up a guest WLAN interface (virtual?) for visitors. Then, trying to get 802.11n working (with 2.2, I guess). I've spent $$$ on hardware, so giving up is not an option.

          Interestingly, one other thing I still need to do with 2.1 is the kern.cam.boot_delay=10000 setting for my USB system. Won't boot without it.

          1 Reply Last reply Reply Quote 0
          • L
            Legion
            last edited by

            OK, another hiccup. I went back this afternoon to set up a wifi interface. Similar to before I could instantly connect within the local net but not "see" out. In the process of changing some settings (bit like the doc.pfsense tutorial), the webGUI hung, the pfSense box died with a page fault or something. I tried rebooting, but I get a series of messages and can't proceed. Some of the messages are like the seemingly well-worn one where I should specify "set vfs.root.mountfrom.options=rw" at the loader prompt. That's obviously irrelevant to my ro USB installation, but I tried anyway.

            The place where it crashes every time is on configuring the OPT1 interface. I'm guessing since that's where the webGUI hung some settings got corrupted.

            I tried booting in safe mode, single user mode, USB mode, setting a few things at the loader prompt (e.g. "if_ath_load=NO") but nothing worked.

            The most common place it dies indicates that there's a problem with ath0, and it's usually right after trying to load OPT1 (gets a few more lines of boot output then dies).

            My question is, is there a setting I can set that will prevent the kernel trying to load OPT1? I'd prefer to try to repair my semi-working install than reinstall from scratch, but if it's irrepairable I will do that.

            1 Reply Last reply Reply Quote 0
            • W
              wallabybob
              last edited by

              I presume OPT1 is the ath0 WiFi interface. Is that interface configured as an AccessPoint? (Mode = AccessPoint, other choices are Infrastructure and Ad-Hoc)

              I think I have read recently that Mode = Infrastructure on ath devices seems to cause system crashes.

              Is the system now crashing on startup? You might need to temporarily remove the WiFi interface to stop the crashes on startup so you can change the configuration.

              1 Reply Last reply Reply Quote 0
              • L
                Legion
                last edited by

                Yes, OPT1 == ath0.

                I set it up as an access point, but it wasn't working so that is what I was doing ( from memory) - changing to infrastructure mode.

                Card is an Atheros 9280 mini PCIe.

                Physically it's underneath another board (Jetway's "daughter board" interface) and the whole router box is a tight fit. It might be easier to just reinstall pfSense than pull out the screwdrivers. Then I'll slowly get more familiar with pfSense anyway. I just hoped there was a command line way to prevent interfaces from loading.

                1 Reply Last reply Reply Quote 0
                • W
                  wallabybob
                  last edited by

                  Reinstall will work. It is worthwhile saving the pfSense configuration file from time to time.

                  Are you wanting the pfSense WiFi interface to act as an AccessPoint?

                  1 Reply Last reply Reply Quote 0
                  • L
                    Legion
                    last edited by

                    Lesson learned.

                    Yes, I'm replacing a wifi router at home. An all-in-one Intel Atom box with a 3 x Intel NIC add-on card and an Atheros 9280 wifi add-on card with an external antenna. pfSense fulfils a particular need I have for firewall management, that's why I'm going with it.

                    1 Reply Last reply Reply Quote 0
                    • stephenw10S
                      stephenw10 Netgate Administrator
                      last edited by

                      The Atheros 9280 is a relatively new card. I imagine it will only work at all under 2.1 and even then I don't know how much support it will have.
                      Definitely no 5GHz support, almost certainly no 802.11N support. If it works at all it will be in 802.11G mode. If you are configuring it as 802.11N try using only 'G' mode.

                      Steve

                      1 Reply Last reply Reply Quote 0
                      • L
                        Legion
                        last edited by

                        Thanks to all your help I'm now an "expert" at installing pfSense 2.1.

                        In short, I can get a good basic working system.

                        I did get several hangs on reboot while trying to set up a WLAN. Now I've got about 10 config backups after taking wallabybob's advice and quite a few of them have been used. Had to reimage a few times I got so stuck. But now I'm on a good config and it all seems good.

                        I followed this method to set a WLAN on my Atheros AR9280. Config looks like this:

                        I could also "sort of" get it working in 802.11ng mode, except when I do it reverts to channel 1 (no matter what I set it to in the webGUI) and I run out of patience waiting for my Windows box to connect again. That is, pfSense boots fine and I can mess around on its shell and ifconfig tells me that the WLAN is in 802.11ng mode, but I can't connect via the LAN with my Windows box (and I didn't try with a wifi device). Rebooted pfSense, Windows, reconnected cables, after about 10 minutes of stuffing around I gave up. So I'll stick with 802.11g for now (good enough for my needs) and revisit the topic later on.

                        802.11n isn't an option on the drop-down box in the webGUI, just ng (amongst others).

                        I added these lines to loader.conf.local, not sure if I need them:

                        I'm happy to post any specifics if you want to know more about my config.

                        Thanks again.

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.