No internet on fresh install

KOM

Did you specify a gateway for your LAN interface?  Can you resolve any names via Diagnostics - DNS Lookup?  Can you ping 8.8.8.8 from Diagnostics - Ping?

almabes

Your WAN and modem are on different subnets.
Set your WAN to DHCP.  Maybe that will fix it.  Maybe not.  I have no idea how your modem is configured other than the one address you listed.

What are you trying to do?
Explain your network setup with more detail.

Soonie

@KOM:

Did you specify a gateway for your LAN interface?  Can you resolve any names via Diagnostics - DNS Lookup?  Can you ping 8.8.8.8 from Diagnostics - Ping?

The LAN IPv4 Upstream Gateway is [none]

Ping to 8.8.8.8 100% packets lose

My network setup:

Modem / router [ not setteble] i work with DMZ and IP binding

LAN PF sense static IP 192.168.1.1 [DHCP on] (pool 192.168.10 / 192.168.2.100

in the LAN a WRTG wireless modem [192.168.1.3] in LAN no DHCP

hope its clear

almabes

Ok…
In your original post you said your WAN IP was 192.168.3.254.
In your last post you said your WAN IP was 192.168.2.104, assigned by DHCP from your non-configurable modem device.

I'm just trying to get things cleared up.

What have you tried, other than pinging 8.8.8.8 for troubleshooting your problem?

Can you ping the LAN interface of your upstream modem?

KOM

LAN PF sense static IP 192.168.1.1 [DHCP on] (pool 192.168.10 / 192.168.2.100

If your LAN is on the 192.168.1.0 network, your DHCP pool should be in the same range.  I have no idea what pool 192.168.10 / 192.168.2.100 means unless you made a typo or something.  Your DHCP range should be 192.168.1.10 - 192.168.1.x where x is your upper limit depending on how many IP addresses you need to give out.

almabes

@KOM:

LAN PF sense static IP 192.168.1.1 [DHCP on] (pool 192.168.10 / 192.168.2.100

If your LAN is on the 192.168.1.0 network, your DHCP pool should be in the same range.  I have no idea what pool 192.168.10 / 192.168.2.100 means unless you made a typo or something.  Your DHCP range should be 192.168.1.10 - 192.168.1.x where x is your upper limit depending on how many IP addresses you need to give out.

Good catch…I didn't see that.

OP  Post screenshots of your pfSense Status--Interfaces.  Also Services--DHCP Server, LAN tab. 
Those will be helpful to all in diagnosing your issue.

KOM

Good catch…I didn't see that.

Just as I didn't initially notice that his WAN IP address was a different subnet than his modem until you pointed it out, and I kicked myself for missing something so obvious.  When you look at the problems of a dozen+ people per day with various degrees of detail, you start to get tired and miss obvious things.  Especially on Friday.  Time for a beer.

almabes

@KOM:

Time for a beer.

That's the best idea I've seen all day.

Soonie

@KOM:

LAN PF sense static IP 192.168.1.1 [DHCP on] (pool 192.168.10 / 192.168.2.100

If your LAN is on the 192.168.1.0 network, your DHCP pool should be in the same range.  I have no idea what pool 192.168.10 / 192.168.2.100 means unless you made a typo or something.  Your DHCP range should be 192.168.1.10 - 192.168.1.x where x is your upper limit depending on how many IP addresses you need to give out.

im sorry for confusion , agian:

PF box WAN DHCP

PF box LAN 192.168.2.1 static  DHCP on pool is [192.168.2.10 / 192.168.2.100

(a jet changed the LAN from 192.168.1.1 tot 192.168.2.1 now the are in the same subnet)

i send some pictures (sreenshots ;-)

KOM

OK, many things are wrong here.

1. You cannot have WAN and LAN on the same subnet.  If WAN is on 192.168.2.0, LAN must be something other than 192.168.2.x.
2. You are supplying an incorrect gateway to your users via DHCP.  The gateway for them is your pfSense LAN IP address.

So…

If WAN is 192.168.2.x, configure your LAN for 192.168.3.1.  Make your DHCP range 192.168.3.10-.100 with a gateway of 192.168.3.1.

Soonie

@KOM:

OK, many things are wrong here.

1. You cannot have WAN and LAN on the same subnet.  If WAN is on 192.168.2.0, LAN must be something other than 192.168.2.x.
2. You are supplying an incorrect gateway to your users via DHCP.  The gateway for them is your pfSense LAN IP address.

So…

If WAN is 192.168.2.x, configure your LAN for 192.168.3.1.  Make your DHCP range 192.168.3.10-.100 with a gateway of 192.168.3.1.

Thx , i changed it like this

• Ping is working [but no internet]

PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: icmp_seq=0 ttl=59 time=29.493 ms
64 bytes from 8.8.8.8: icmp_seq=1 ttl=59 time=30.070 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=59 time=30.417 ms

–- 8.8.8.8 ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 29.493/29.993/30.417/0.381 ms

• DNS lookup is working [stil no internet] see sreenshot

• Did the next test and everyting was ok

est if the client can ping the LAN IP of the firewall

- If this fails, check the LAN rules, client IP/subnet mask, LAN IP/subnet mask, etc.

Test if the client can ping the WAN IP of the firewall

- If this fails, check the client's subnet mask and gateway

Test if the client can ping the WAN Gateway IP of the firewall

- If this fails, check the client's subnet mask and gateway, and double check Outbound NAT on the firewall

Test if the client can ping an Internet host by IP address (e.g. 8.8.8.8)

- If this fails, check the client's subnet mask and gateway, and triple check Outbound NAT on the firewall

Test if the client can ping an Internet host by Host name (e.g. www.google.com)

- If this fails, check the client's DNS settings, and/or the DNS Forwarder on the firewall (Services > DNS Forwarder, Diagnostics > DNS Lookup)

KOM

In your DHCP definition you need to specify the DNS servers for your DHCP clients to use.  Give it the LAN IP address.  Notice in your 4th screencap that your DNS Servers list is empty?

Soonie

@KOM:

In your DHCP definition you need to specify the DNS servers for your DHCP clients to use.  Give it the LAN IP address.  Notice in your 4th screencap that your DNS Servers list is empty?

i fill in LAN ip and DNS servers

The PC say's i have internet , but my browser is not working

Soonie

@KOM:

In your DHCP definition you need to specify the DNS servers for your DHCP clients to use.  Give it the LAN IP address.  Notice in your 4th screencap that your DNS Servers list is empty?

Wow , internet is working and i can see pages !!  ;D

I think the DNS was the last bottleneck.

Now i have opend al my ports on the firewall , i think thats no good idea.

What are the normal setting for firewall ?

killmasta93

What are the normal setting for firewall ?

what do you want to do with the firewall?

If you want to block websites or social https sites use http://www.tcpiputils.com/ and block it though the LAN tab

If you want to block blacklisted IP use the package pfblockerNG

If you want to open ports to port forward use NAT section

Derelict

If you have any rules on WAN delete them all.

You need rules on LAN to be able to get out to the internet.

Soonie

THX very much everybody !!

Internet is working

nice weekend

Soonie

@Soonie:

THX very much everybody !!

Internet is working

nice weekend

Ok internet works perfect now !

Now i see in the firewall logfile WAN block a UDP rule , what can i do ? make a rule ? or ignore this ?

almabes

That's SSDP/UPnP from your ZTE router.
http://en.wikipedia.org/wiki/Simple_Service_Discovery_Protocol

Just ignore it.