Pfsense suddenly blocking all internet traffic
-
I had some wierdness like that happen with a customer firewall.
Since time was of the essence, I got them operational again by backing up the config, reloading the latest version, and restoring the config.It was really strange…I could fetch a webpage from an SSH session at the console, but couldn't browse from my laptop.
If I can't get this figured out this sounds like the best option.
Out of interest, have you checked to see that your filesystem on the pfsense box isn't full?
Disk usage is at 3% so all good there.
-
Sounds like it might be either a physical issue with the (external) NIC or possibly with the connection between the pfsense and the cable modem. Have you tried swapping the cable between the pfsense and modem? Or even swapping the cable between your pfsense and LAN?
-
Sounds like it might be either a physical issue with the (external) NIC or possibly with the connection between the pfsense and the cable modem. Have you tried swapping the cable between the pfsense and modem? Or even swapping the cable between your pfsense and LAN?
I don't think its between pfsense and the cable modem because I can ping and tracert from the pfsense GUI and I was able to download and update to the lastest version of pfsense.
I tried swapping the cable between pfsense and the LAN but it didn't change anything. I suppose it possible that NIC is bad but it does have a link light and activity. And the main page of the pfsense GUI does show both the LAN and WAN as green
*Now that I think about it, the LAN NIC has to be fine otherwise I don't think I'd be able to access the pfsense GUI from my main PC
-
Can PFSense ping an external IP like 8.8.8.8?
-
Which version do you run on which hardware?
Do you have packages installed? -
Can PFSense ping an external IP like 8.8.8.8?
Yep, I can ping externally. I was able to ping microsoft.com, hotmail.com, google.com and got successful replies back on them all.
Which version do you run on which hardware?
Do you have packages installed?I'm running the latest version 2.2.2. I'm running in on an older PC with a dual-core AMD processor, 6gb RAM and a pair of gigabit NICs. I don't have any packages installed.
-
Can one of your LAN devices ping the LAN IP of PFSense and also the WAN IP.
-
Can one of your LAN devices ping the LAN IP of PFSense and also the WAN IP.
Yes, I am able to ping both from my PC.
Something else I noticed, Windows isn't showing an exclamation on my network connection. If I hover on the icon in the task bar it shows connected. Which now even more makes me think pfsense is just blocking traffic for no apparent reason.
-
…
I'm running the latest version 2.2.2.
...DNS ? Are you running the Resolver or the Forwarder ?
-
I had some wierdness like that happen with a customer firewall.
Since time was of the essence, I got them operational again by backing up the config, reloading the latest version, and restoring the config.It was really strange…I could fetch a webpage from an SSH session at the console, but couldn't browse from my laptop.
I finally decided to just do this and it fixed all my problems. I'm not sure why I was having issues and I really wish I could have figured out what was going on. But the natives (my wife and kids) were getting restless so I had to get it fixed ASAP. :-)
-
If you're not running the NanoBSD image put your pfSense box on a UPS. The UFS filesystem doesn't like to deal with repeated failings of the local electrical utility. That killed another customer pfSense firewall.
After getting the bill for the firewall recovery, they had no problem with me installing a UPS.
-
If you're not running the NanoBSD image put your pfSense box on a UPS. The UFS filesystem doesn't like to deal with repeated failings of the local electrical utility. That killed another customer pfSense firewall.
After getting the bill for the firewall recovery, they had no problem with me installing a UPS.
My PC, laptop, pfsense box and monitor are all hooked to a UPS. I spent too much money on my main PC to trust the electrical of a 60 year old house. :-)