Cannot ping WAN interface
-
On your new pfSense please.
-
Attahced WAN Fw rules
Thank you
-
OK. That looks right. What happens if you plug PC1 into the pfSense WAN port? Can you ping it?
-
same result :-( (I have tried with a normal cable and with a crossover cable)
In the original scenario, pfsense and PC1 are able to ping their default gateway (192.168.140.1). pf sense (via its WAN if) it is able to ping any other public IP.
For some reason I'm not able to see pfsense is not able to see any in the WAN network with the exception of its default gateway
Thank you.
-
No idea. Diagnostics->Packet Capture on WAN and see what it shows.
-
Could be a firewall problem on PC1
-
I know what it isn't.
-
What isn't it?
-
FreeBSD/pf with an em card.
-
I'd tend to agree.
I wonder if he could be talked into downloading ubuntu or linux mint and booting it live from disk and then checking connectivity from pc1?
That way I'd be pretty sure that a firewall or other setting on PC1 wasn't the issue.
-
Easier to capture the traffic on WAN on pfSense. Or install wireshark on PC1. Or both.
-
may be you config worng
-
PC1 it is able to ping PC3… anyway I have disabled the FW/AV software on PCI, same result.
I'll try later with the WAN/PC1 captures
Regards
-
Well I have performed the captures.
Only ARP broadcast messages….
In pfsense (192.168.140.112)10:18:57.255415 ARP, Reply 192.168.140.112 is-at 00:18:71:ea:a9:b5, length 28
10:18:58.253579 ARP, Request who-has 192.168.140.112 tell 192.168.140.101, length 46
10:18:58.253586 ARP, Reply 192.168.140.112 is-at 00:18:71:ea:a9:b5, length 28
10:18:59.253501 ARP, Request who-has 192.168.140.112 tell 192.168.140.101, length 46
10:18:59.253508 ARP, Reply 192.168.140.112 is-at 00:18:71:ea:a9:b5, length 28
10:19:00.255669 ARP, Request who-has 192.168.140.112 tell 192.168.140.101, length 46
10:19:00.255676 ARP, Reply 192.168.140.112 is-at 00:18:71:ea:a9:b5, length 28
10:19:01.253716 ARP, Request who-has 192.168.140.112 tell 192.168.140.101, length 46
10:19:01.253723 ARP, Reply 192.168.140.112 is-at 00:18:71:ea:a9:b5, length 28In PC1 (see attached)
-
OK. The PC is asking who has .112 and something is replying. Then the PC asks again. And again. And again. You need to find out why your PC is receiving an arp reply and ignoring it.
00:18:71:ea:a9:b5 should be what you expect for the MAC address of the interface on 192.168.140.112