No internet access, but webgui works
-
@KOM:
OK. I'm not sure why your pfSense LAN IP is 192.168.1.1, but you can resolve hosts via 192.168.1.254. Can you take a new screen of your pfSense console view (the one that lists the NICs and the menu showing options form 0 to 15)?
Alright
-
My mistake, you weren't resolving use 192.168.1.254. Your OPT1 link was resolving using 212.59.8.8. So why can't LAN resolve using the same DNS server? I'm starting to run out of ideas here. It should just work.
-
@KOM:
My mistake, you weren't resolving use 192.168.1.254. Your OPT1 link was resolving using 212.59.8.8. So why can't LAN resolve using the same DNS server? I'm starting to run out of ideas here. It should just work.
That's the problem. Im just thinking that esxi is overriding dns server?
-
No, that has nothing to do with it. Usually, your public link to your ISP is a 100 Mbit connection , and LAN connections are Gigabit. In your case though, your public is Gigabit and LAN is 100 Mbit. I'm wondering if you have your vSwitches defined incorrectly. Pull the plug on your cable to your ISP and then check which interface in vi-client shows as being disconnected.
-
@KOM:
No, that has nothing to do with it. Usually, your public link to your ISP is a 100 Mbit connection , and LAN connections are Gigabit. In your case though, your public is Gigabit and LAN is 100 Mbit. I'm wondering if you have your vSwitches defined incorrectly. Pull the plug on your cable to your ISP and then check which interface in vi-client shows as being disconnected.
Well yes, my win xp machine is netbook, so it have only 100mbit connection, don't support gigabit.
-
I'm talking about your ESXi host. ESXi seems to have Gigabit to your ISP and OPT1, but 100 Mbit to LAN. That is unusual. You don't have your XP laptop connected directly into the ESXi host, do you? It should be plugged into a switch that is also plugged into ESXi, unless you're using a crossover cable.
-
@KOM:
I'm talking about your ESXi host. ESXi seems to have Gigabit to your ISP and OPT1, but 100 Mbit to LAN. That is unusual. You don't have your XP laptop connected directly into the ESXi host, do you? It should be plugged into a switch that is also plugged into ESXi, unless you're using a crossover cable.
Actually I do…
OPT1 goes to my switch which is connected to the my pc, which works okay.
But LAN doesn't as we trying to figure it out few hours now..jpg)
.jpg_thumb) -
I'm getting confused. Your XP PC was on LAN, I thought, since that is the one that can't resolve IP addresses. Maybe you could draw me a simple network diagram to show what is connected where?
-
@KOM:
I'm getting confused. Your XP PC was on LAN, I thought, since that is the one that can't resolve IP addresses. Maybe you could draw me a simple network diagram to show what is connected where?
Okay, im not great at these things, i'll attach photo too.
-
If I'm understanding this diagram, you have your WinXP box plugged directly into your ESXi hosts's network port? That won't work.
-
@KOM:
If I'm understanding this diagram, you have your WinXP box plugged directly into your ESXi hosts's network port? That won't work.
Well, but I can access esxi management and pfSense from it. That problem with dns, that we are having here
-
Unless the cable you're using is a crossover cable, it shouldn't work at all and I don't understand why it's working as much as it is. Do you have access to another switch or hub that you could put between ESXi and WinXP? Otherwise I'm out of ideas.
-
Ok I am completely confused here.. You have pfsense running as vm on esxi host, that is how I read your first post.
But in your drawing it sure looks like its outside your host. Please post up your vswitch configuration. I have been running pfsense on esxi for years and its really straight forward. And yes you can run your vmkern on any network you want.
How many nics does your esxi host have? What version is? Since current pfsense is not really supported until its at min 5.5u2
See example of my vswitches.
have to run, so this is cut short please post up a screenshot of your vswitch and how they are connected to the physical world.
-
He posted that here:
https://forum.pfsense.org/index.php?topic=107735.msg600202#msg600202
His diagram is meant to show pfSense as a VM inside ESXi.
Thanks for chiming in. I appreciate another set of eyes with this one as there may have been something I've missed. I'm helping a few other ppl and it's busy at work today so my head is spinning a bit.
-
Ok that makes sense, other than he has his win7 vm in both his wan and lan switch?
And the physical nic vmnic2 is not connected, and don't show any vms on the this opt network..
And in that same pic of showing the pfsense console em0 or his wan has no IP listed. How exactly is this XP box being connected?? And he shows in that drawing his router/switch is I take it is old wifi router being used as AP is connected to opt, but clearly that is not the case since in his vswitch pic nothing is connected to opt.
This is really pretty basic stuff.. Here I drew it up, don't see why the win7 box is connected to both wan and lan.. Makes NO Sense at all!!!
And don't understand how connecting this XP machine - really needs to be another switch involved if just using some wifi router as AP that most likely has no vlan support, etc.
Is this how your connected? Other than your win7 machine most likely causing you problems getting an IP from your ISP.. this is all straight forward.
Pfsense gets wan IP from your isp. You have 2 networks on lan and opt, 192.168.1.0/24 and 192.168.2.0/24 – all devices point to pfsense for gateway and dns via dhcp they get from pfsense. Your done.. So what is not working exactly?? I tried to follow the thread but it was all over the place!! So lets start from a clean slate.. Validate this is how your setup, what your pfsense wan IP is - and remove that win7 vm from your wan vswitch.
-
Ok that makes sense, other than he has his win7 vm in both his wan and lan switch?
And the physical nic vmnic2 is not connected, and don't show any vms on the this opt network..
And in that same pic of showing the pfsense console em0 or his wan has no IP listed. How exactly is this XP box being connected?? And he shows in that drawing his router/switch is I take it is old wifi router being used as AP is connected to opt, but clearly that is not the case since in his vswitch pic nothing is connected to opt.
This is really pretty basic stuff.. Here I drew it up, don't see why the win7 box is connected to both wan and lan.. Makes NO Sense at all!!!
And don't understand how connecting this XP machine - really needs to be another switch involved if just using some wifi router as AP that most likely has no vlan support, etc.
Is this how your connected? Other than your win7 machine most likely causing you problems getting an IP from your ISP.. this is all straight forward.
Pfsense gets wan IP from your isp. You have 2 networks on lan and opt, 192.168.1.0/24 and 192.168.2.0/24 – all devices point to pfsense for gateway and dns via dhcp they get from pfsense. Your done.. So what is not working exactly?? I tried to follow the thread but it was all over the place!! So lets start from a clean slate.. Validate this is how your setup, what your pfsense wan IP is - and remove that win7 vm from your wan vswitch.
That was bit older photos, here it is new one. Problem not with win7, just saying, that my OPT1 goes to old router as AP for wi-fi and few more ports. The problem is windows xp don't have internet access, it is connected trough pfSense, but management network is connected trough that port too. My xp machine has 100mb/s network so don't say it's not gigabit.
Screenshot 2, is my router AP. (Just to say so)
-
how are you connecting XP to the esxi nic that is your LAN?? Is there a switch between?
Do you get an IP via dhcp, can you ping pfsense? Your say opt is working just fine?
Does not freaking matter that your vmkern is port group on same vswitch.. So if opt is working fine, lets see the rules on your lan interface of pfsense and the ipconfig /all of your xp machine when connected.. And can he ping pfsense IP in the opt network?? 192.168.2.1 ???
What network is working your LAN or OPT, and which is 192.168.1.0/24 and which is 192.168.2.0/24?
Also to that 100 full vs gig… Is that interface actually gig and just negotiated to 100 because of your xp machine?? You do understand that unless atleast 1 side is gig, your not going to to do autocross, and your going to have issues without using a crossover cable or switch.
Also that wan router your using as AP -- you have that all F'd up -- your saying stuff is working there?? Your NATTING on it... it has a wan IP of 192.168.2 while its clients are 192.168.1.x -- Where is that wan interface connected to on pfsense?? All those clients are getting dhcp from your wifi router, and pointing to it for dns/gateway which your thinking is your pfsense because pfsense also has 192.168.1 address.
That is a messed up setup. If you want to use your wifi router as AP, then turn off its dhcp, give its lan IP an IP on your network your going to connect it too and connect it to your network via one of its LAN ports..
See attached how it would be your typical setup..
-
how are you connecting XP to the esxi nic that is your LAN?? Is there a switch between?
Do you get an IP via dhcp, can you ping pfsense? Your say opt is working just fine?
Does not freaking matter that your vmkern is port group on same vswitch.. So if opt is working fine, lets see the rules on your lan interface of pfsense and the ipconfig /all of your xp machine when connected.. And can he ping pfsense IP in the opt network?? 192.168.2.1 ???
What network is working your LAN or OPT, and which is 192.168.1.0/24 and which is 192.168.2.0/24?
Also to that 100 full vs gig… Is that interface actually gig and just negotiated to 100 because of your xp machine?? You do understand that unless atleast 1 side is gig, your not going to to do autocross, and your going to have issues without using a crossover cable or switch.
Also that wan router your using as AP -- you have that all F'd up -- your saying stuff is working there?? Your NATTING on it... it has a wan IP of 192.168.2 while its clients are 192.168.1.x -- Where is that wan interface connected to on pfsense?? All those clients are getting dhcp from your wifi router, and pointing to it for dns/gateway which your thinking is your pfsense because pfsense also has 192.168.1 address.
That is a messed up setup. If you want to use your wifi router as AP, then turn off its dhcp, give its lan IP an IP on your network your going to connect it too and connect it to your network via one of its LAN ports..
Okay, so much info, thanks.
First of all, all websites works if I type their IP not FQDN, yes pfSense works just fine. That interface is 10/100/1000 mbit, xp is just old and capable of running at 100mbit only. Okay, about my AP it works just fine, we will fix it later, now im focusing with my LAN which is windows xp machine, that don't have internet connection.
Problem is: I CAN'T access ESXi from my wan let's say 99.99.99.99 and enter root, etc. It don't work, so I have to use windows xp machine, which would be good to have internet connection on it too.
-
Why would you want to access esxi from WAN?? And did you create a port forward for your vmkern?? Are you trying it from outside your network?
Lets get it straight what is what and what is not working… Your wifi router is WRONG setup.. So clients connected to it would ask it for dns, which it would forward to pfsense.. Your saying that works.
But xp doesn't work?? What are the firewall rules?? Your saying it can ping pfsense..
Lets forget about websites and IP address. For all we know your browser is is setup to use a proxy?? You do not have pfsense setup to do any proxy or squidguard or blocker, etc.. Just plain jane pfsense install.
Please post up your rules for both lan and opt. Post up your xp machine ipconfig /all and it pinging pfsense and then a simple nslookup
see example attached
-
Why would you want to access esxi from WAN?? And did you create a port forward for your vmkern?? Are you trying it from outside your network?
Lets get it straight what is what and what is not working… Your wifi router is WRONG setup.. So clients connected to it would ask it for dns, which it would forward to pfsense.. Your saying that works.
But xp doesn't work?? What are the firewall rules?? Your saying it can ping pfsense..
Maybe you misunderstood, I just want to access ESXi from my desktop pc which is at my AP point, that's the problem, that i can't. Yes, it works…
