Problem with VMworkstation and Pfsense

grim

Also on Pfsense there are 4 DNS : 2 ISP dns , 8.8.8.8 and 1 Open dns
When i nslookup from pfsense all 4 DNS respond

Also noticed when i nslookup from laptop

DNS server : LAN IP
DNS server Name : UnKnown

Nslookup From VM

DNS server: LAN IP
DNS server name: Pfsense hostname

bjaffe

If i do this with no changes to the Pfsense the VM have internet and everything, just change from workstation from bridge to VMnet 19, win7 also connected to host only Vmnet 19

This leads be to believe it's some sort of network filtering problem. Can you redraw the diagram with the full IP assignments / netmasks?

grim

like i said same settings :/

The setup was running for more than a month with IPsec VPN, squid , snort ect. configured

bjaffe

This paints a very clear picture. I don't think I can actually help you here… seems like a problem with the virtual environment rather than with pfSense itself.

grim

@bjaffe:

This paints a very clear picture. I don't think I can actually help you here… seems like a problem with the virtual environment rather than with pfSense itself.

When you bridge a physical nic to a VM you assign it to different VMnet networks. in my case WAN - VMnet 17 - PciE nic and LAN -  VMnet 18 - Pci Nic
i also tried changing these networks :(

From the laptop i can only ping public ip's not hostnames and i can open webconfigurator
From the Vm full internet access

Thank you for your fast and dedicated support tho

gjaltemba

Sounds like the dns client on the laptop is not working properly.

Did you try
ipconfig /flushdns
tracert 8.8.8.8

Problem started after a reboot. If possible, restart all network devices to get a clean start.

grim

@gjaltemba:

Sounds like the dns client on the laptop is not working properly.

Did you try
ipconfig /flushdns
tracert 8.8.8.8

Problem started after a reboot. If possible, restart all network devices to get a clean start.

That was one of the first things i've tried I flush after every change, laptop directly to wan cable has no problems, nor the vm

I've rebooted everything even the virtualizator + server
The problem is not in the laptop , the problem started on all infrastructure behind pfsense, I use the laptop on the lan port to exclude it so we don't bother troubleshoot there

grim

Another thing i noticed is that when the problem occurs the PFsense FW log is spammed with blocked entries
source WAN ip 192.168.1.1 destination 224.0.0.1 which is a muticast address

Even tho my WAN ip is a public ip not 192.168.1.1

KOM

Just a guess but after you moved the vm, you might have to go and reassign the interfaces again via the console menu.  You shouldn't have to do this when just moving it's target folder, but you never know.

grim

@KOM:

Just a guess but after you moved the vm, you might have to go and reassign the interfaces again via the console menu.  You shouldn't have to do this when just moving it's target folder, but you never know.

I will try this later , even tho from the webconfigurator both interfaces are with the correct mac :/
And when i powered up the old VM ( the original) the problem was there.

Next thing i will try, when i have time is a clean install with basic settings and restore module by module to try if the fault is there…

Because fine tuning of the proxy, av, ipsec, IPS, user control and other shit took me so much time :<

another thing some services go through, maybe they are not DNS dependent.

MasterX-BKC-

most likely the fault is in vmware workstation, or windows, config wise.  they can be tricky to understand.

if you restore a known working config, after that it must be one of those 2, i have numerous pfsense units running under vmware ESXi with zero problems at all.

AndroBourne

It may not be related but aside from all the DNS stuff. I had a similar issue on my LAN when I first configured my VM PFSense box.

All this kinda sounds like a virtual adapter issues. I would try to blow out the original adapter and then recreate it and see if that works. My issue actually ended up being that the article I was reading about configuring the PFSense in a VM stated to use the Legacy VM adapters which actually caused my issue (same one you were having). I changed the virtual adapter from legacy to the standard adapter and issue went away.

Of course that is going to all depend on the version of PFSense you are running and the types of NICs you have. I would recommend you try both ways (legacy and non legacy) in the VM adapter settings and if that changes anything for you.

grim

Problem solved,

Symantec was blocking the traffic on the host  :o i don't know how but disabling the AV solved the problem…

Thank you all for the support.