Routing problems with fixed IP on WAN
-
I want to setup a firewall with a fixed IP on WAN as there is no DHCP on it. It is a 8 address subnet.
I have 2 problems.
If I test the firewall in a test environment with WAN set to DHCP I can ping 8.8.8.8 but cannot access www.google.nl from a client. So DNS does not work. I have set the DNS servers in the system general setup page to 8.8.8.8 62.58.62.132 and 62.58.94.130.
When I change WAN to fixed IP I get the message "no route to 8.8.8.8" . I have set the gateway on the WAN page to the gateway in the testnetwork.
What else must I do to get things going?edit1: I found
One possibility:
If the router you're behind is indicating any kind of IPv6 capability pfSense will try to use it. It probably doesn't actually have that capability so you end up with nothing. Try this:
https://doc.pfsense.org/index.php/Controlling_IPv6_or_IPv4_PreferenceSteve
and that helped for the dns problem.
edit2 for more info:
When I set WAN to DHCP I get in the Status->Gateways 192.168.10.1 "On-line"
When I set WAN to fixedIPv4 and I have put in the System->Gateways 192.168.10.1 at WAN I get in Status->Gateways 192.168.10.1 "Off-line".
I did uncheck the box "Block private networks" in Interfaces->Wan.
On a client I did route print and the output is the same for fixed and dhcp:C:\Documents and Settings\wk>route print
Interfacelijst
0x1 …........................ MS TCP Loopback interface
0x2 ...08 00 27 01 04 d3 ...... AMD PCNET Family PCI Ethernet-adapter - Pakketpl
anner-minipoort===========================================================================
Actieve routes:
Netwerkadres Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.20.1 192.168.20.132 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.20.0 255.255.255.0 192.168.20.132 192.168.20.132 20
192.168.20.132 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.20.255 255.255.255.255 192.168.20.132 192.168.20.132 20
224.0.0.0 240.0.0.0 192.168.20.132 192.168.20.132 20
255.255.255.255 255.255.255.255 192.168.20.132 192.168.20.132 1
Standaard-gateway: 192.168.20.1Permanente routes:
GeenBut a tracert on the client stops in fixedIP after the firewall and continues in DHCP mode:
C:\Documents and Settings\wk>tracert 8.8.8.8
Bezig met het traceren van de route naar 8.8.8.8 via maximaal 30 hops
1 1 ms <1 ms <1 ms gastfirewall.gasten [192.168.20.1]
2 gastfirewall.gasten [192.168.20.1] rapporten: De doelhost is niet bereikba
ar.De trace is voltooid.
–--------------------------------------------------------------------
C:\Documents and Settings\wk>tracert 8.8.8.8Bezig met het traceren van de route naar 8.8.8.8 via maximaal 30 hops
1 2 ms 2 ms 1 ms gastfirewall.gasten [192.168.20.1]
2 2 ms 1 ms 1 ms obgpoort.oudburgerengasthuis.local [192.168.10.1
]
3 1 ms 2 ms 1 ms 87.213.156.9
4 24 ms 24 ms 24 ms 217.16.43.233
5 36 ms 22 ms 23 ms 217.16.43.33
6 27 ms 47 ms 25 ms 212.53.31.82
7 26 ms 27 ms 26 ms 195.69.145.100
8 27 ms 27 ms 25 ms 209.85.254.90
9 27 ms 27 ms 26 ms 209.85.253.249
10 31 ms 28 ms 30 ms 209.85.255.73
11 27 ms 30 ms 29 ms 216.239.49.28
12 * * ^CWhy is there no route?