Just moved from the UK to China - problems
-
Just to be sure : the last image above, the "shelll.jpg", something terrible has been shown there :
The WAN and LAN network are the same !! This is a huge no-go situation.
LAN = 192.168.1.1/24
This is the value by default, and you should keep it EXCEPT when, after setting up WAN, the WAN IP becomes the same network - in your case, 192.168.1.100/24 **.
This is the case right now - the image says so, so you should change your LAN IP (network) for - per example :
192.168.2.1/24Your pfSense WAN interface is set, by you , right after installing pfSense, to behave as "DHCP-client" : it will ask a upstream router (with a DHCP server) an IP address. It became 192.168.1.100/24 - and that obliges you to change the LAN network right away. This can be done in the GUI, or the console menu, option 2. As said, 192.168.2.1/24 will be fine.
You can reach pfSense after that from LAN using IP 192.168.2.1 as an address in the navigator to access the GUI. -
Thanks,
I have changed my lan IP as instructed. In option 2, the console requested I choose to enable DHCP on my lan, I chose "no". My lan IP is 192.168.2.1/24.
I initially changed my lan IP to 172.16.0.0 but was still not getting webconfigurator.
I get this message:
The connection has timed outThe server at 192.168.2.1 is taking too long to respond.
The site could be temporarily unavailable or too busy. Try again in a few moments.
If you are unable to load any pages, check your computer’s network connection.
If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted to access the Web. :'(I have changed my lan IP as instructed. In option 2, the console requested I choose to enable DHCP on my lan, I chose "no". My lan IP is 192.168.2.1/24.
I initally changed my lan IP to 172.16.0.0 but was still not getting webconfigurator.
I get this message:
The connection has timed outI initially set my lan IP to 192.168.254 as seen in the attachment. Then I changed it to 192.168.2.1.
It asked for a DHCP enabled, I said no on the lan.
I still cannot reach the web gui.
![IMG_20180315_152803_HDR r.jpg](/public/imported_attachments/1/IMG_20180315_152803_HDR r.jpg)
![IMG_20180315_152803_HDR r.jpg_thumb](/public/imported_attachments/1/IMG_20180315_152803_HDR r.jpg_thumb)
-
Windows says "local area connection" does not have a valid IP configuration..
-
If you disabled DHCP you have to assign a static address to the windows workstation. Just set up a DHCP server.
Renumber the LAN interface again to 192.168.2.1/24 but this time, say yes to the DHCP server.
Set the start of the range to 192.168.2.129 and the end as 192.168.2.254.
Disconnect the windows laptop from the LAN port and reconnect it.
Give it a second and try https://192.168.2.1/ again.
-
So in choice2, in console, when changing IP addresses I enable dhcp?
At "Do you want to enable the DHCP server on LAN? (y/n)" I typed "y"
Now it is asking for:
"Enter the start address of the IPv4 client address range"OK, I typed in at:
"enter the start address at the IPv4 client address range: 192.168.2.129"
""enter the end address at the IPv4 client address range: 192.168.2.254"It then asks for web confi to revert to non HTTPS, I typed "n"
Next:
"reloading filter…"
"reloading routing configuration..."
"DHCPD...""The IPv4 LAN address has been set to 192.168.2.1"
"You can access the webconfigurator by opening the following URL in your web browser: https://192.168.2.1/Now I can access webconfigurator,
but I get this message"An HTTP_REFERER was detected other than what is defined in System -> Advanced (https://forum.pfsense.org/index.php?action=post;msg=790188;topic=137592.60). If not needed, this check can be disabled in System -> Advanced -> Admin."
-
I don't know what you are doing. Just type that into the URL bar in your browser. Don't click on a forum link.
-
Thanks for all your support. I can now access web gui. ;D
But I want to add my Asus RTN 66U wireless AP as to replace my old tp link router. When I plug in my Asus to the LAN port of my pfsense box, I can connect wireless to it via my laptop but have no internet access. I have typed in my correct wpa 2 aes key.
any solutions would be very much appreciated. -
… the console requested I choose to enable DHCP on my lan, I chose "no". My lan IP is 192.168.2.1/24.
Only experts should consider "No".
As far as I know, experts always chose "Yes" (live is just to short).
Yes is the default btw, never ever remove a default option (that's equivalent for "looking for problems").Do option 2 again, and chose "Yes".
Nice side effect : Your LAN will start to work !
edit :
About your : "Asus RTN 66U wireless AP" : when you buy a box like that, it's has probably activated its "router mode".
Which means : it has a DHCP server …. You have to de activate that (how ? See Asus RTN 66U wireless AP support - user manual)
Also, put the "Asus RTN 66U wireless AP" in "bridge mode" or "AP only mode".
Also, give it a static IP like 192.168.2.2
Mask 255.255.255.0
Gateway 192.168.2.1
DNS 192.168.2.1This is what I do with my AP's - because : If you have seen one, you saw them all.
and if this "Asus RTN 66U wireless AP" has Ethernet ports on its back labeled LAN and WAN, do not use the WAN port - use (one of) the LAN labeled ports.
To save more time, consider solving the root of all problems : "just moved from the UK to China - problems " : move back.
-
… the console requested I choose to enable DHCP on my lan, I chose "no". My lan IP is 192.168.2.1/24.
Only experts should consider "No".
As far as I know, experts always chose "Yes" (live is just to short).
Yes is the default btw, never ever remove a default option (that's equivalent for "looking for problems").Do option 2 again, and chose "Yes".
Nice side effect : Your LAN will start to work !
Thanks a lot. Got everything working but, when I check my pfsense logs at: Status System Logs Firewall Normal View
After trying grc shields up, it states "you should expect to see entries from this site's probing IP addresses: 4.79.142.192 -thru- 4.79.142.207".I do not. I think as I have setup my firewall on my Asus AP, that is protecting my connection.
-
Thanks a lot. Got everything working but, when I check my pfsense logs at: Status System Logs Firewall Normal View
What ?
After trying grc shields up, it states "you should expect to see entries from this site's probing IP addresses: 4.79.142.192 -thru- 4.79.142.207".
I do not. I think as I have setup my firewall on my Asus AP, that is protecting my connection.No way.
The firewall tester "grc.com" will hit against you first firewall / NAT device, that is some box, a box in front of your pf Sense box.
If you have set up this box with NAT rules and/or to reply to ping, it could reply.
But normally, everything will be "green" which means : Ok.
Your AP is the third box in a row, and can't be reached from the outside (it could, but would take us another pages on this forum to explain ^^)As I said above : solve most if not all your problems, and move back :) (you better no be Russian, btw)
-
Thanks a lot. Got everything working but, when I check my pfsense logs at: Status System Logs Firewall Normal View
What ?
After trying grc shields up, it states "you should expect to see entries from this site's probing IP addresses: 4.79.142.192 -thru- 4.79.142.207".
I do not. I think as I have setup my firewall on my Asus AP, that is protecting my connection.No way.
The firewall tester "grc.com" will hit against you first firewall / NAT device, that is some box, a box in front of your pf Sense box.
If you have set up this box with NAT rules and/or to reply to ping, it could reply.
But normally, everything will be "green" which means : Ok.
Your AP is the third box in a row, and can't be reached from the outside (it could, but would take us another pages on this forum to explain ^^)As I said above : solve most if not all your problems, and move back :) (you better no be Russian, btw)
I meant Status System-> Logs-> Firewall Normal View
I am a British citizen, with a family history of active service in the UK military. No way Russian.
I understand, the Asus is in the front line.
Also, why I cannot connect my pfsense box to my wan port instead of lan port? -
I understand, the Asus is in the front line.
Also, why I cannot connect my pfsense box to my wan port instead of lan port?Where did you hook up this Asus box (the AP) ?
I understood : on the pfSense LAN - as one of the devices on your LAN - like PC's, printers, etc.
It's an AP, thus that is where it belongs.On the pfSense WAN side you have tour "ISP" box (also a router), that's it.
-
You might consider hiring someone to hook all this up for you.
-
I understand, the Asus is in the front line.
Also, why I cannot connect my pfsense box to my wan port instead of lan port?Where did you hook up this Asus box (the AP) ?
I understood : on the pfSense LAN - as one of the devices on your LAN - like PC's, printers, etc.
It's an AP, thus that is where it belongs.On the pfSense WAN side you have tour "ISP" box (also a router), that's it.
pfsense LAN port to Asus.