ICMP pings still timing out despite ICMP traffic being reported as passed
-
To bob314 - I see no point in forwarding ICMP into something behind your pfsense.. Why can pfsense not just answer the pings, just allow icmp to your wan interface and you should be fine. If your going to forward icmp to something behind pfsense - then you need to make sure that something answers and does not have some firewall running or in an odd state like the OP.
At first I just created the rule to allow ICMP to the WAN. When that didn't work I decided to try the NAT rule, but I agree with you that I shouldn't have had to do that I was just trying to see if it would work. I have verified that windows firewall is off. I have no other security software running except for windows defender.
-
Ok only things I see as different in those are the ttl is 53 vs 55 – this makes sense you have an extra hop when your behind pfsense. But I would think it should be 54 not 55? Hmmm have to think about that for a second?
Other thing is your source mac is different.. Neither of these should matter at all.
Sounds like you got a bunch of security software even if not running.. Do you install all that stuff on all your machines?
Why don't do install clean - or how about real simple just boot windows in safe mode with network and see if the software then. That Kaspersky hooks its self into alot of stuff - I know you can just enable the firewall features can you not, so the hooks must already be in play.. I would try the safe mode boot and test, I would if possible do a clean install of windows.. At min uninstall all of that stuff you have installed that hooks into your networking of the OS.
Here is the thing - clearly your seeing the reply with a simple sniff - so what is causing the problem really points to something your running on that machine.
Why does the os ping work? But not this software when clearly the traffic is going through and coming back through pfsense just fine.
-
Ok only things I see as different in those are the ttl is 53 vs 55 – this makes sense you have an extra hop when your behind pfsense. But I would think it should be 54 not 55? Hmmm have to think about that for a second?
Other thing is your source mac is different.. Neither of these should matter at all.
Sounds like you got a bunch of security software even if not running.. Do you install all that stuff on all your machines?
No, one of the machines actually has a clean boot of windows 8. Besides Firefox, Libre Office, and Google Chrome, nothing else has been installed on that machine. The other has a 2 year old install of Windows 7 with Spybot and CCleaner.
Why don't do install clean - or how about real simple just boot windows in safe mode with network and see if the software then. That Kaspersky hooks its self into alot of stuff - I know you can just enable the firewall features can you not, so the hooks must already be in play.. I would try the safe mode boot and test, I would if possible do a clean install of windows.. At min uninstall all of that stuff you have installed that hooks into your networking of the OS.
Here is the thing - clearly your seeing the reply with a simple sniff - so what is causing the problem really points to something your running on that machine.
Why does the os ping work? But not this software when clearly the traffic is going through and coming back through pfsense just fine.
I just did a test in safe mode and still the same issue. No anti virus program or blockers runs then. I'm led to believe it's still pfsense, despite what wireshark says.
-
So how is wireshark lying? the packets are there dude - so why does this software not see them? Your OS clearly sees them when you just ping from the cmd line, etc.
So what could pfsense be doing that your OS doesn't care about, but this software doesn't like??
Make No sense at all other than this software is flaky!
-
OP, what's the Trendnet device between your machine and pfSense?
-
I'm led to believe it's still pfsense, despite what wireshark says.
Facepalm.
OP, as was asked before, what device on your network is "Trendnet_26:b9:d8 (00:14:d1:26:b9:d8)"
If it's not your pfSense LAN NIC, what is it?
-
OP, what's the Trendnet device between your machine and pfSense?
There is none.
Edit: Trendnet_26:b9:d8 (00:14:d1:26:b9:d8) is the same MAC address as my router: 192.168.1.1 00:14:d1:26:b9:d8 pfsense.localdomain
-
Make No sense at all other than this software is flaky!
I agree, I've contacted the developers already and I'm waiting for a response. I will keep everyone posted.
-
Any results yet? I have been trying to figure out this problem as well with no luck.
-
_12/11/13 at 10:07 am ADVISOR: My name is Wayne and I am one of the Specialists working on your case with regards your disconnecting issue with Battlefield 3 and Battlefield 4.
Firstly I am sorry to hear that you have been experiencing this issue. I play Battlefield myself and know how annoying it is when something like this happens.
I have now escalated your case to our studio liaison team so they can work with the studio to get this issue resolved for you. Once the studio has completed their investigation they will be in contact with you.
Again, I apologize for the inconvenience this issue must have caused you. Should there be anything else you might require assistance with, please don't hesitate to let me know._
-
This thread just fizzled out? Would have been nice to know what the resolution was.
-
Just got this message:
My name is Andrew and I am part of the EA Worldwide Customer Experience team working alongside Wayne. After reviewing your case it would appear that the issue you are encountering is linked with your firewall settings on your router as you state that the ping displays correctly when the computer is patched directly to the modem without the router in place.
As every router is different and in fact as many modems include them as well we are unable to provide direct support for configuring their internal firewalls. As such I would recommend checking with both your modem and router manufacturers for guides on how to forward your ports correctly on those pieces of hardware and ensure that they are forwarded in both cases so as to prevent any clashes.
Should you need such you can find a list of which ports need to be forwarded to access all Battlefield 4 Functionality at http://answers.ea.com/t5/Battlefield-4/Battlefield-4-Ports/td-p/1861045
As always should after doing this there still be any issues please do not hesitate to contact us and we will be happy to address your ongoing concerns.
So…where do we go from here? I think we've tried everything. Is it just a bug in pfsense?
-
It works fine for everyone else. Not a pfSense bug.
-
It works fine for everyone else. Not a pfSense bug.
But I've reset all the settings to default in pfsense and it's still having the issue. Could it be a hardware problem with the router?
-
Could be an issue with your OS, your NIC, your pfSense box's NIC, your modem, your ISP, one of the routes leading to EA, a huge number of things could cause it. It worked fine for me with relatively strict rules, and it works fine for other people as well.
-
Could be an issue with your OS, your NIC, your pfSense box's NIC, your modem, your ISP, one of the routes leading to EA, a huge number of things could cause it. It worked fine for me with relatively strict rules, and it works fine for other people as well.
OK well it works fine when I disconnect my pfsense box and connect directly to my modem. It also worked fine with a DIR-655 from D-Link. The problem is definitely inside pfsense.
The only thing I can see doing is posting our NICs. How would I figure out, through pfsense, what NIC I'm using?
-
I'm having the same problem as well. All i've done is create a firewall rule to allow ICMP echo request and echo reply, as the dslreports ping test was failing without that. Screenshot of above, and this is what determines whether the ping test works. I tried disabling them and with them off, it says im not pingable. with it on, the ping test works fine. However even though I can pass a ping test I still cant see my ping in game. Its just as others have described, shows only a dash. My UOtool results are similar to the OP. The only thing I can think of is that static outbound may be required. I have it enabled for half of my lan, I may try setting to an IP in that half and see if it makes a difference.
 -
Same problem here. I have a cable AND dsl connection. When inside BF4, I can see pings on one connection, and no ping on the other connection. Same computer, different PFsense firewalls. When ssh'd into the firewall, ping works fine, ICMP returns data. It also works fine from the UI:
Ping output:
PING yahoo.com (98.139.183.24): 56 data bytes
64 bytes from 98.139.183.24: icmp_seq=0 ttl=49 time=91.734 ms
64 bytes from 98.139.183.24: icmp_seq=1 ttl=50 time=91.349 ms
64 bytes from 98.139.183.24: icmp_seq=2 ttl=49 time=92.091 ms
64 bytes from 98.139.183.24: icmp_seq=3 ttl=49 time=93.887 ms
64 bytes from 98.139.183.24: icmp_seq=4 ttl=49 time=93.650 ms
64 bytes from 98.139.183.24: icmp_seq=5 ttl=50 time=93.424 ms
64 bytes from 98.139.183.24: icmp_seq=6 ttl=49 time=92.195 ms
64 bytes from 98.139.183.24: icmp_seq=7 ttl=49 time=91.472 ms
64 bytes from 98.139.183.24: icmp_seq=8 ttl=50 time=91.790 ms
64 bytes from 98.139.183.24: icmp_seq=9 ttl=50 time=92.047 ms–- yahoo.com ping statistics ---
10 packets transmitted, 10 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 91.349/92.364/93.887/0.886 ms -
An addendum, I did set a rule to static outbound all ports and it made no difference. So i dont believe that's the culprit in this case.
-
Anyone figure this problem out yet? I have been trying different firewall settings for a week and have not made any headway.
