Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    No internet from LAN, pls help!!!

    Scheduled Pinned Locked Moved General pfSense Questions
    8 Posts 2 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • H Offline
      hrh
      last edited by

      I know that this is a very common topic but i´ve searched in a lot of places and read a lot of stuff and i still can´t seem to figure out what´s wrong with the way i´ve set up things.

      I have a pfsense with 2 NICs one for WAN and one for LAN.  My WAN ip address is 201.220.xxx.xxx which is a valid IP on my WAN network.

      i´ve set up DHCP for my LAN and clients are getting the ip leases just fine, i´ve even used OPT interfaces with a Netgear switch to set different VLANS and add dhcps to each one and it works fine two. I´ve configured my WAN static ip address and gateway for it, also added the DNS servers in the general setup because the my WAN´s ip pool uses one to resolve names for internet websites.
      So far from the shell in my pfsense i can ping outside domains so i figured i have connected it right but my clients on the LAN can´t resolve or access any web. The firewall rules are set to accept all incoming traffic from my LAN to my WAN, i´ve not added any new gateways except the one mentioned before. I´m EXTREMELY NEW to pfsense and i cannot stress that enough, everything i´ve done i´ve done by reading here and there so i would appreciate some help a lot. Thanks in advance

      1 Reply Last reply Reply Quote 0
      • DerelictD Offline
        Derelict LAYER 8 Netgate
        last edited by

        The firewall rules are set to accept all incoming traffic from my LAN to my WAN

        What, exactly, did you do here?  Rules for internet traffic should be destination any.  The destination should not be WAN address, WAN net, or anything to do with WAN.

        https://doc.pfsense.org/index.php/Firewall_Rule_Troubleshooting

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 0
        • H Offline
          hrh
          last edited by

          Right,my bad, i have accept to any, the default

          1 Reply Last reply Reply Quote 0
          • DerelictD Offline
            Derelict LAYER 8 Netgate
            last edited by

            Post Firewall > Rules, LAN tab and Firewall > NAT, Outgoing tab.

            Detail what host IP address on LAN you are trying to use?

            Can that host ping the pfSense LAN interface?

            Can that host resolve DNS names?

            Does that host have pfSense as its default gateway?

            Chattanooga, Tennessee, USA
            A comprehensive network diagram is worth 10,000 words and 15 conference calls.
            DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
            Do Not Chat For Help! NO_WAN_EGRESS(TM)

            1 Reply Last reply Reply Quote 0
            • H Offline
              hrh
              last edited by

              Yes i can ping the lan interface from my host, no it cannot resolve DNS names, yes it does have the pfsense as its default gateway. On the Outbound tab i´ve left it with the default configuration, the automatic rules.
              My LAN is 192.168.1.0/24, pfsense LAN ip 192.168.1.1 and gateway and i´m using host ip given by dhcp 192.168.1.100-150 currently using 101

              1 Reply Last reply Reply Quote 0
              • DerelictD Offline
                Derelict LAYER 8 Netgate
                last edited by

                If your host can ping 8.8.8.8 and cannot resolve names you need to fix your DNS and your rules are probably fine.

                Chattanooga, Tennessee, USA
                A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                Do Not Chat For Help! NO_WAN_EGRESS(TM)

                1 Reply Last reply Reply Quote 0
                • H Offline
                  hrh
                  last edited by

                  My friend, i live in Cuba, i do not have a direct connection to an ISP on the internet, when i said my WAN pings outside domains i meant outside of my enterprise network but in my country´s network, therefore i cannot ping 8.8.8.8 from my pfsense CLI but i can access the domains allowed in my network (*.cu). Still my host is not resolving anything

                  1 Reply Last reply Reply Quote 0
                  • H Offline
                    hrh
                    last edited by

                    Thanks for everything Derelict, i´ve solved my problem, it had the DNS resolver activated (by default) and the DNS forwarder too (activated by me) which is what i actually needed. Now everything is running normally.

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.