Why can't this vlan get internet?
-
Hi all. I appareciate any help in advance, as I am new to pfsense and really networking in general and am now using it as a home firewall to try and learn about all of this. I was able to get one vlan internet access, but have tried like every rule to get this other vlan (calling it DMZ) to get internet, including even giving it an allow all rule and still no go. Any help is appreciated…the dns itself is getting blocked still!
-
Try restarting, specialy if you have made multiple changes. Are you using advanced outbound nat?
-
Have the same issue and even restarted dont acess internet on my vlan…
-
Restarting did end up fixing it for me.
-
Have the same issue and even restarted dont acess internet on my vlan…
Do have the VIP, rules, and NAT setup correctly? Could you give a bit more information?
-
then tried to do but could not do the vlan vlan work with the rules and enabling dhcp on vlan, vlan has some tutorial?
-
Yes … in the book and there used to be some at docs.pfsense.org.
-
and
-
The rules and interface look good. What about your advanced outbound NAT?
-
I do not know how to make outbound nat can you help me?
-
There are docs at http://doc.pfsense.org on how to get that done. Auto might work, but I always wanted to be sure with manually added outbound NAT.
-
this is how i make que outbound nat:
-
You are going to need a rule for each interface and virtual interface aside from VPN and WAN to make sure that everything is working.
-
i need to make more 2 rules to WAN's and 1 LAN?
equal i have to vlan? -
The interface is all WAN … it is the subnets that change. The subnets will match your VLANs and LAN.
-
You don't have anything there that appears to need manual outbound NAT, best to keep to automatic as it'll take care of the proper rules for you (and what you showed in the last screenshots is very wrong). With automatic outbound NAT and the firewall rule shown, you're set as long as the VLAN in general functions and is setup correctly on your switch(es). Make sure you can ping the firewall IP on that VLAN. See if DNS resolution works.