USB to Ethernet Adapter NOT working
-
Where are you running the test pings from? Have you tried from the pfSense box itself? The dashboard screenshot shows the box is still obtaining the update status, does it ever go to 'you are on the latest version'?
Have you considered just running the WAN as a VLAN interface?
Steve
-
ok ive included a pic here of it saying that it cant check for updates.
and im guessing that what your saying is that i should open up shell on the box that im using and ping google.com and the IP address.
on my way home after having some time not working on it, my mind was able to clear up enough that icame to that idea, plus a couple other ideas, as well.
I also called someone to help me out with this and they suggested the same things.One of which being the fact that if some people were able to get usb to ethernet adapters to work, then i should find out what adapters they used, who knows. Just because im able to ping googles IP using the one i have doesnt mean its fully compatible.
Additionally i should basically say f*** the switch right now and connect straight to the box until i get everything working correctly on there, minimizing the variables.
So tomorrow im going to try pinging straight from the box, if that doesnt work im going to swap the interfaces on the box so the WAN will be re0, and then ill try pinging google.com.
im sure ill have to change some settings though, but ill cross that bridge when it comes. but if im able to ping google.com from the box when WAN is set to re0 then i know DNS is not the issue.I dont like this trial and error.
But til the morning i guess the only things that maybe you guys can help me out with right now, is
1-if you know of a USB to ethernet adapter that works then that information will be helpful. Im going to go through this forum and try to see if i can get that on my own as well but any help is appreciated.2-any other ideas on what to try will be great too. i already have a backup so anything i do, i can just simply revert it back if it doesnt work, its all trial and error at this point.
sorry for the long post, but wanted to make sure i didnt miss anything
-
Nice collection of VLAN interfaces.
You declared them all ?
If yes ….. pffff complicated network.
If not: remove all no-standard (recognized) hardware - reinstall - throw away current settings. -
i still dont really get internet though. i can ping the IP but even with a DNS issue, shouldnt i be able to put 216.58.216.32 into a browser and pull up google.com?
Not necessarily. If the first thing you get when you connect to http://216.58.216.32/ is a redirect to https://www.google.com/ it's not going to work unless DNS works.
DNS has to work. Until you verify it does, nothing you do will make any difference.
If you can ping 216.58.216.32 but can't ping by name, fix that.
-
I dont like this trial and error.
That's how you debug networks, but you can do it in a methodical fashion. You don't have to guess. Start at layer 1 (the physical link itself) and work your way up.
Is there link? Is the interface up/up?
Can you ping the other end of the link? No? Does it allow pings? Do you get an ARP entry for the destination IP?
Can you ping outside the network? say ping 8.8.8.8?
Can you resolve DNS names? Use proper tools for this like dig/drill or nslookup if you have nothing else.
If all that works, you are generally good to go. I, personally, think your USB ethernet is working and you have a DNS problem.
What are the DNS servers for the windows host in that screenshot (ipconfig /all)
-
I just got done doing 125 VLANs and I'm waiting for another machine to be delivered to set that one up as well. I'm on my way to the office right now. So i will try those things when I get there. All the VLANs I have on this machine I just need to change their names, I need about 75 for this one and about 150 for the next. Which is why I'm trying to learn this stuff now. Because I also know that in like 4 months there are 4 more that I will have to do. And as far as the time in between, who knows.
-
so when i got into the office this morning, i swapped the wires on the machine, so the the ethernet port was going to the router, and i pinged google.com and it worked perfectly, but i wasnt getting a response from the LAN side of it (at that moment i had LAN set up as ue0, the USB ethernet). So to ME, that says that it isnt a DNS problem, that its gotta be the adapter.
Anyone else agree?
-
OK. This is why I don't use USB ethernet.
-
The mcahine im setting up only has one ethernet port, so its the only option i really have, i cant run both WAN and LAN through the same because there would just be way to much traffic for that.
Trust me, if i had the option to pick the machine im setting up, it wouldnt be this one. but this is what my boss has me setting up, and that is why im here, for support on my problem, not to hear that this is why they dont use usb to ethernet adapters.
So any HELP with my current situation would be greatly appreciated.
Sorry if im coming off as a jerk, but it seems as though im getting nowhere on this project.
-
So, I just picked up a Belkin F4U047BT, i plugged it in and rebooted the machine, and everything works.
OMG so excited. -
Nice! :)
That's really the problem with USB ethernet adapters, with FreeBSD at least. One adapter gives endless trouble but looks like it should work. Another just works first time. There's no way to know in advance what an adapter might do. Manufacturers change chipset or fimrware versions frequently and don't label anything.
Don't think you're out of the woods yet though. Give it a few days/gigabytes to crash. ::)
How much traffic are you putting through it that you can't put the WAN on a VLAN but can use USB?
Steve
-
Just wondering - How much did that USB NIC cost you?
-
Im not exactly sure how much traffic will be on it, like i said earlier, my boss says do this, and i do it.
It costed $30 at BestBuy, i know that they are cheaper online, but its something i needed ASAP -
Tell your boss USB ethernet adapters suck. It you want to be a multi-tenant ISP, be one. If not, don't.
-
Derelict is right. USB Ethernet adapters suck. Even when you get them to "work" they still suck USB solution isn't cost effective.
Even after you have gotten this up and running, it still would be best to scrap it and make a proper pfsense than to use this one.
If you lived in a hut somewhere on the Serengeti Desert and only made $100ish a month, then I'd say its ok because its all you can manage.
A cheap old computer with a free PCI port + a Gigabit NIC to put in it cost about what you paid for the NIC.
It doesn't even matter if you get a USB solution functioning, its rarely if ever the right way to go.
-
I see USB's command some negativity, but I've yet to establish anything susbstansive and upto date regarding them.
Of the pfsense threads I read, most appear to be relevant to USB1 and the introduction of USB2, namely the USB2 doesnt provide the 480Mbps speeds, but with USB3 and continued development since USB2 was introduced, I'm not seeing any new complaints as various chips on the motherboards as well as usb nic have improved.
I've managed to find just one bug related to the USB/Ethernet I use (ax88772), which consisted of a script which constantly enabled/disabled the usb adapt until it eventually stopped responding, but eventually this came down to a fault elsewhere in the network with a different manufacturers card nic, in effect the USB nic was the recipient of someone else's bug.
That type of bug/situation is quite common in software development & hardware support, usually down to standards not being adhered to properly, which means in some instances some hw configs will just never work and/or some sw / hw configs will never work.
I'm just trying to be as informed as possible about the hw I'm already using as my mileage has been good since pfsense v2.1, sure I had problems with pfsense 1.2 and usb adaptors but that was freebsd8 (iirc) which is some time ago interms of development.
So what are the problems which are supposed to affect usb nic's?
TIA.
-
The biggest bug that all the USB NICs have is that they are not Intel PCIe NICs (-:
I'd say that Intel PCIe NICs are the best and USB is the worst.
USB is what you use when you have no other choice and are out of money, in which case, I'd say its better than nothing.
In your case, I'd recommend using your 1 built in NIC and a cheap VLAN switch.
-
OP must already have a VLAN switch since he has many VLAN interfaces defined. Just make one more for WAN and move on.
Now that that's solved, speaking of all these VLAN interfaces, are all these tenants really going to trust you to do their firewalling for them (I know I wouldn't. Nothing personal, it's just a "no way" no matter who it is) or are they going to all have firewalls of their own?
-
I shy away from any network equipment like nics & switches which come with remote management facilities, they attrack hackers no end and its often hard to even tell if someone is in management mode due to the need to not interrupt operations.
A usb nic often has no fancy remote access/management/whatever so should be less to worry about.
I'm happy with the speed but I cant get fibre where I am for another few years.
However I could use usb nics to control access to the pfsense box like a physical key.
I could assign a fixed ip to a usb nic based on its arp/mac id, add a rule to allow access to pfsense from the usb nic, block access to pfsense from everywhere else and that should make pfsense a little more secure in a different way.
I could have a second usb nic and repeat the above steps for a backup measure.
Provide the nic comes up automatically and works as required, that would make securing pfsense a novel way with a physical key and a password effectively giving you a sort of two form factor authentication.
I couldnt do that with intel nics or any other pci-e nic could I? ;)
Edit.
Possibly 3rd form factor authentication, if pfsense can tell what USB port its plugged into if a choice of usb ports exist.
-
I could use usb nics to control access to the pfsense box like a physical key
If you mean you could remove the USB NIC and only connect it when required then no, no you can't.
If you remove a NIC that is configured and assigned in the config file then the next time you reboot you will be dumped at the initial interface assign prompt. That is a problem with any easily removable NIC, if it's accidentally removed then the result can be very bad.Steve