Just moved from the UK to China - problems
-
@marjohn56:
@marjohn56:
Ok, you should now be able to browse into pfsense. Connect the wan port after you have browsed to the control panel.
I have connected my WAN cable (same one that goes into the old tp link router which allows me internet access), but all I get is a orange flashing led with no green led.
That could mean that all you have is 100Mbps connection or even 10Mbps ( yuk ).
I think I am now understanding that the WAN cable as it comes in is currently connected to the old TP-Link router, for which you have been given the SSID and password.
OK, let's see how close I am to the truth, connect the WAN cable to pfSense, go to the pfSense control panel and what does it say about the interfaces, they should both be up ( if your laptop is connected to the LAN port that is! ). Does the WAN show it is connected at all ( Speed wise )?
Ideally, you would need to log into the old TP-Link and see how the WAN connection is set-up, it may be a static IP for all you know on the WAN side.
I have no WAN connection if I look at Interface drop down in web gui.
-
@marjohn56:
@marjohn56:
Ok, you should now be able to browse into pfsense. Connect the wan port after you have browsed to the control panel.
I have connected my WAN cable (same one that goes into the old tp link router which allows me internet access), but all I get is a orange flashing led with no green led.
That could mean that all you have is 100Mbps connection or even 10Mbps ( yuk ).
I think I am now understanding that the WAN cable as it comes in is currently connected to the old TP-Link router, for which you have been given the SSID and password.
OK, let's see how close I am to the truth, connect the WAN cable to pfSense, go to the pfSense control panel and what does it say about the interfaces, they should both be up ( if your laptop is connected to the LAN port that is! ). Does the WAN show it is connected at all ( Speed wise )?
Ideally, you would need to log into the old TP-Link and see how the WAN connection is set-up, it may be a static IP for all you know on the WAN side.
Sadly, I do not have access to the old TP-Link router, Only have SSID and WPA2- AES password.
-
well if it is MAC filtering and you no longer have access to the NIC it's assigned to then I would think your best bet would be to find the network manager and request that your NIC's MAC be added to the list.
-
Sadly it looks like that. Attached is a picture of what is connected to the TP -Link wireless router.
Yellow Ethernet is connected to TP -link
Grey Ethernet comes in from wall.
I do not know what that blue thing is.
-
That is a modem by the look of it. What model is it?
There are ways to crack this nut. For instance I would start by sniffing the packets coming from the TP-Link to the modem using wireshark, but if you don't know how to use that then you are lost.
-
The Blue thing is Fiber.
That Huawei box is a fiber modem/router. Most likely a EchoLife model of some kind.
Some simlar models:
https://www.alibaba.com/product-detail/huawei-fiber-optic-router_60667383784.html?s=pIf it is like other Chinese Fiber routers, it will be serving up 192.168.1.x local IP addresses, and handles all the PPPOE login credentials to your ISP (China Telecom/China Unicom)
Your issue may be that you've assigned the 192.168.1.x subnet to your pfSense LAN and the Huawei box is trying to assign that address to your WAN connection.
Try setting another subnet to LAN1 and see if that allows you WAN to get assigned from the Huawei box.The model might be listed underneath and that might help finding the specs on that and a user manual - which could help further in troubleshooting this.
But more than likely, you'll be double-nat'd, which sucks, but it should still ultimately work.
-
@LianYu4:
The Blue thing is Fiber.
That Huawei box is a fiber modem/router. Most likely a PowerLink model of some kind.
Some simlar models:
https://www.alibaba.com/product-detail/huawei-fiber-optic-router_60667383784.html?s=pIf it is like other Chinese Fiber routers, it will be serving up 192.168.1.x local IP addresses, and handles all the PPPOE login credentials to your ISP (China Telecom/China Unicom)
And if that is the case, getting to the login credentials is probably very unlikely. :)
Good advice you have given and a double NAT is probably the only solution.
-
I looked at the model: echo hg8120f made by huwei.
-
Just had a quick look at the web site, authentication is carried out inside that fibre gateway. You can always try taking the cable that goes to the TP-Link from the fibre gateway and plugging that into the WAN port of the pfSense box. You should at least get a solid ethernet connection LED indicator.
Try that and see what you get.
-
Yeah, ditching the craptastic TP-Link would be a good start.
-
@marjohn56:
Just had a quick look at the web site, authentication is carried out inside that fibre gateway. You can always try taking the cable that goes to the TP-Link from the fibre gateway and plugging that into the WAN port of the pfSense box. You should at least get a solid ethernet connection LED indicator.
Try that and see what you get.
I have tried that, no luck. Just in case the Ethernet cable could be faulty (I checked before leaving the UK), I tried at least three other cables. No WAN lights (green and orange). I only get orange.
-
Did you try setting your LAN to a different subnet?
The Huawei router is probably using 192.168.1.x -
@LianYu4:
Did you try setting your LAN to a different subnet?
The Huawei router is probably using 192.168.1.xHow do I do that please?
-
:o
-
@LianYu4:
Did you try setting your LAN to a different subnet?
The Huawei router is probably using 192.168.1.xHow do I do that please?
It's in the interface settings.
Change "192.168.1.1" to "192.168.22.1" You can replace 22 with any number between 2 and 254.
-
Sorry for a very late reply. I have been so busy as my life has turned upside down.
My estate agent who is my first point of contact came to see if I could directly connect my ancient wireless TP link router to my laptop. She successfully did by using a Ethernet cable from the ancient wireless TP link router one of the Ethernet ports to my laptop.
If I plug this into one of the Intel based Ethernet ports, I can still ping as described below even though the led above stays orange and never turns green and orange.
So now I have a working WAN connection that I can use. :) I have attached pictures of my WAN and LAN IP's
OK, I have attached new pictures of my setup. I can ping various websites such as www.sky.com, www.krellonline.com, www.yahoo.com, www.ymail.com & www.bbc.co.uk. Strange thing is that my WAN light stays orange, never green and orange. The yellow Ethernet is from my cable modem
I have a LAN IP as proven in one of my attached pictures which has both green and orange led lights. My problem is that I cannot reach 192.168.1.1 to finalise my pfsense setup. I even tried to temporary disable my internet security software. Still no LAN can be seen.
I forgot to add, the black Ethernet is from back of the ancient TP link wireless router into my pfsense box. White is my LAN cable that goes into the Ethernet port of my Dell xps.
My final setp should be: back of ancient TP link router -> WAN on my pfsense box -> LAN on my pfsense box to my wireless AP a old but stable Asus RTN 66U (with the latest firmware that is still being supported by Asus)
-
Your pictures clearly show your WAN and LAN fighting over the same subnet of addresses.
On the console you will see option 2 "Set interface IP address" pick that one and change your LAN (igb1) to another private IP range.
Try 10.0.0.0/24 or 172.16.0.0/24 anything but what you are using now.
Your firewall will be at 10.0.0.1 or 172.16.0.1 depending on your choice.
" I have been so busy as my life has turned upside down. " Yup, think your machine knows the feeling. o_0 -
Thanks, I am pretty bad at networking. What are the exact steps to change to 172.16.0.0/24?
-
Can somebody help me please?
-
Thanks, I am pretty bad at networking. What are the exact steps to change to 172.16.0.0/24?
:o
yup, figured your new job was not within the IT field. I thought I explained some what of the problem I saw, but hey! Actually all the guys were giving good feedback. I still sense a Dok joke here, but I digress.
I think we did not realize a triple NAT problem. I had a bad night (no sympathy needed) just to put that out there to help explain my wierd post to help out my fellow man. Dude you really need to sit down with a network basic book and make things easier for yourself and me.
But I did prevail and decide to get you your GUI damnit. :o
Triple NAT 8) very cool. How you post here is beyond me. So after last nights lack of sleep I thought I would make my previous post better understood with more pictures. yeah!! ???
SOO.. get to shell options enter "2" comp will bitch an say what interface, you put in "igb1", then comp will ask for an IP or range of IP (not sure it has been a year or more since I had to do this) then you will enter "172.16.0.0/24" and the comp will figure out HEH! you must want 172.16.0.1 for PfSense lan IP and you respond and smash ENTER you bet your ass I do.
I think that should about do it. Pics below cause I am beat and bored.PS - also if you just unplug your WAN at the PfSense then reboot you might/maybe/could possibly trick the firewall off 192.168.1.1 at the WAN and access the GUI from the LAN at 192.168.1.1 but you will have to change your IP setting for the LAN (172.16.0.0/24) before plugging in the WAN again.
Confused? yup, me too! ;D
Brain going to mush as I type.
Hope this helps, if not, screw it, I had fun. Goodnight –hmm-- day.
