New install - no browser menu or internet communication
-
Hi, never be afraid to ask for help. :)
Just a quick point of information, you've written r10 for the LAN interface but it's actually rl0. Could just be a typo but could confuse things later. It refers to the first adapter using the rl driver. This is widely regarded as a poor network card but that's not your problem.
You cannot have the WAN and LAN interfaces in the same subnet as it breaks pfSense's routing ability.
You have changed the IP addresses to avoid duplicates but they are still in the same subnet. You could use these for example:
WAN receives it's IP from the modem via DHCP so leave the modem in it's default config: 192.168.1.1/24
LAN - 192.168.2.1/24.That may fix you problems however even with that subnet issue I would still have expected your client machine to reach the pfSense webgui. If you are connecting directly from the client to the pfSense box (no switch or hub) you may need a cross over cable with older NICs like this. You should be able to diagnose that via the LEDs on the networks cards, is a link established?
Steve
-
Thanks for the reply. Modem's back to 192.168.1.1 and firewall LAN is 192.168.2.1/24, still unable to get the browser menu or online in this configuration. The firewall WAN now says 192.168.1.67 (DHCP).
As far as seeing a link established - what am I looking for? The lights on both cards come on, if that's any indication, and I used the [a] option when setting up pfSense so I assume they were recognized and communicating.
There aren't any switches or hubs, but there is a connector to lengthen the LAN cable which could be eliminated with a little rearranging.
If it matters, I can ping both Google and my computer from the firewall box.
rI0 is a Realtek, and vr0 is a D-Link using Via drivers.
I probably should get a crossover cable just to have one handy, and was planning to get better NICs to improve throughput anyway. If you've got any recommendations for some budget cards, great.
Thanks again.
-
Ah Ok. If you can ping both the client and Google from the pfSense console then both NICs are clearly connected correctly.
How is the IP address of the client configured? Is it assigned via dhcp from pfSense?
I take it you can't ping the pfSense box from the client?If you don't need gigabit speeds it's hard to beat second hand Intel pro100 cards.
Steve
-
Is the Client IP configured through pfSense? I don't remember seeing any settings for that. I can go to the modem settings @ 192.168.1.1 and set LAN and WAN, but everything there is back to default values now.
Is there somewhere I was supposed to set that up and missed it somehow?
Just for fun I reinstalled pfSense and reversed the roles of the NICs. Didn't help.
Can't ping anything from Client when the firewall's hooked up.
Going to look for some cards now…
-
The modem setup appears to be correct since it is giving an address to the pfSense WAN address and pfSense can ping google.com.
The pfSense LAN interface will usually hand out addresses to anything that is connected to it via DHCP. It's been a while since I did an initial install but I believe you are given a choice something like 'enable dhcp on LAN?'. If you chose not to run dhcp on the LAN interface and have instead configured the client computer manaully there may be a mistake. If you have enabled DHCP on LAN and the cleint is correctly receiving it's address from pfSense then that shows some communication is taking place.
Steve
-
The console menu, option 2, is "Set Interface IP address"
[Enter IPv$ address]
[Subnet Mask]
[Enable DHCP?] –->I've been saying "n"<---
If "y" then it wants a start address of the client address rangeCourse, I've got almost no idea of what all that means. ;)
-
Ah, this is good!
So what is the client computers IP address currently? I assume you entered that directly?At that prompt enter 'y' and then set a range of addresses you want to use for clients. Since you only have one client this is not important. Assuming the LAN is still 192.168.2.1/24 you could use:
Start address: 192.168.2.11
End address: 192.168.2.20This allows for up to 10 clients, you can change that at any time later though.
Now in order for this to make any difference you need to set the cleint computer to obtain it's IP address automatically via DHCP. Is it a Windows box?
Steve
-
Yes, Win7 box.
I'm unsure about how to answer your question of setting the client IP address. As far as I know, that was automatic. I didn't set anything.
The LAN is still 192.168.2.1
I can get to the modem configuration via 192.168.1.1 and it lets me set address and submask. No DHCP.
-
Found the client DHCP settings through 192.168.1.1
DHCP: On
Beginning IP Address: 192.168.1.64
Ending IP Address: 192.168.1.254
Subnet Mask:255.255.255.0
Lease Time: 86400
Domain Name: domain_not_set.ir
DNS Dynamic or Static (Dynamic selected)
DNS Server 1: Blank
DNS Server 2: Blank -
Windows by default is set to obtain an IP address via dhcp so if you haven't changed that and manually configured an address it should get an address from pfSense in the specified range. You may have to trigger it to ask for an address though by disconnecting/reconnecting the cable or rebooting. If it fails to find a dhcp server Windows will assign itself an address in the form 169.254.X.X. This is bad!
The modem is working fine, handing an address to pfSense, so don't change anything there. An interesting point though is where are you accessing the modem from? If it's from the Win7 machine through pfSense then you should be good to go.
Steve
-
I've set the pfSense address range per your directions. Should I reboot both boxes now?
-
You shouldn't need to reboot the pfSense box (almost ever!) but if you do make sure it's up and running before the windows box tries to get it's address.
You said you could ping the client computer earlier. What address were you pinging it on?
Steve
-
xxx.13.128.32
Not that I don't trust the folks here. Just policy. ;)
-
Hmm, now I'm confused. :-
I assume that is a public IP which is why you have sensibly redacted part of it. How did your Win7 machine get that address?Steve
-
How did your Win7 machine get that address?
Maybe it didn't. Maybe xtek was pinging that address and thought the response was coming from the windows machine.
-
When I hook up the firewall cables to the modem and Win box, I don't have any internet. So to post here, I have to disconnect from the firewall LAN and plug back into the modem. Then I can post here and determine my IP.
Hope that's not a problem.
-
I'm running a Firefox addon that shows my windows box IP, and I verified it through a online tool too.
-
I'm looking at getting 2 of these cards from eBay to replace the antique ones I'm using now. Any thoughts?
Intel PRO/100 S PCI RJ-45 Fast Ethernet Network Adapter LAN Like New PILA8460C3
And - is a crossover adapter as functional as buying a crossover cable? It's a lot cheaper and I've got extra Cat5e cables.
-
I'm running a Firefox addon that shows my windows box IP, and I verified it through a online tool too.
That might show the user's view of your IP (the public IP of your modem) rather than the actual IP of your computer. Because of the limited number of IPv4 addresses most home users access the Internet through a NAT (Network Address Translation) box so the private IP addresses space (192.168.0.0 to 192.168.255.255 among others) can be reused.
In Windows start a command prompt window and give the command```
ipconfig -
Sorry about that. All this IP/WAN/LAN stuff is mostly new to me. Ipconfig says 192.168.1.64.
It sounds like we're back to a problem with one or both of the cards I'm using. I'm going to order a couple replacements tonight and we'll try again when they come in. wallabybob, I do appreciate the input you and stephenw10 have given me.
Xavier