Pfsense can`t keep connection alive to provider

Kalle13

I have done 4 from the things of the other posts. Now I've got no connection and so no internet. I am completly lost!

This I've tried:

1. switched the cable
2. setted tha WAN as dafult gateway
3. swapped the NICs

After I swapped the NICs I am not able to get an IP address now. My WAN adress shows 0.0.0.0. After some searching I recognized that I am not the only one with this issue and read some hints. This is what I did:

1. reset the router
2. switched from bridge mode to normal mode and back
   -> in normal mode I got good and fast internet
3. spoofed the MAC adress from the router
4. restarted the pfsense several times after the router was finally up

I the status from the NIC it says :"Status : up" and "DHCP: down"

The DHCP protokoll says this 7 times in a row with diffenerent intervalls:
dhclient 76735 DHCPDISCOVER on igb0 to 255.255.255.255.255 port 67 interval 9

The system-generic protokoll has 3 entries:

• php-fpm - /status_interfaces.php: the command '/sbin/dhclient -c /var/etc/dhclient_wan.conf igb0 > /tmp/igb0_output 2 > /tmp/igb0_error_output' gave exitcode '15' and the result was "

• php-fpm - /status_interfaces.php: the command '/sbin/dhclient -c /var/etc/dhclient_wan.conf igb0 > /tmp/igb0_output 2 > /tmp/igb0_error_output' gave exitcode '1' and the result was "

• php-fpm - /status_interfaces.php: the comand '/usr/local/sbin/dhclient {$ipv} -d -r -lf '/var/db/dhclient.igb0' -cf '/var/rtc/dhclient_wan.conf' -sf '/usr/local/sbin/pfsense-dhclient-script" gave exit code '1' back, the result was "Internet Consortium DH CP Client .... Listening on BPF/igb0/54:67:44:45:gg:34 Sending on BPF/igb0/... Canˋt attache interface {} to bpf device /dev/bpf0:Device not configured ....

stephenw10

Yes, if you changed the WAN MAC you might need to restart your modem device or even cal your ISP and ask them to reset it.
There should be no reason a different NIC would not get a DHCP address unless the server is refusing it.

Steve

Kalle13

Did my MAC change when I spoof the MAC of my router in my pfsense?
My router reseted several times due to the switching between the normal and bridge mode.

My new attempt is: f**k this router, I buy a used 6360 FritzBox cable and see if this works.

But if this is not going to be working I am calling my ISP to reset their modem.

Kalle13

Nothing of the following worked:

1. bought another cable router (Fritzbox) -> no success
2. called my ISP -> they resetted their hardware -> no success

I am now finished reinstalling pfsense and nothing changed. I canˋt get a IPv4 adress via DHCP.
I am desperate now. Does anyone has some tipps for me?

stephenw10

Run a packet capture on the WAN see what's happening. Is it actually sending dhcp requests? Is it seeing replies?

It still gets an IP if you put the modem back in router mode I assume?

Steve

Kalle13

@stephenw10 I did that yesterday (with wireshark). The pfsense sends the request but after that there is no offer from the ISP.

That´s right. In normal mode it get`s an IP.

Kalle

chrismacmahon

What gets this working again?

Rebooting the cable router (Fritzbox), or rebooting pfSense?

Kalle13

The mystery is is solved!
Heureka!
After days of working and searching.

It was a problem on the ISP side. I think, but don`t know it for sure, that they had a problem with the DHCP server. Maybe.
Today they worked on it. After some time it worked.

Thanks for you all for your help!
This case is closed.

stephenw10

Hmm, well why does the ISP not respond I wonder...

Can you try a pcap from a switch mirror port in the connection? That would prove it's actually being send.

Is it spoofing the MAC correctly?

Steve

Kalle13

Sadly I do not know. I did not talked to the IT people. I only had a ticket for my failure. So the only that I have is, that they where working on it and now it's working. That`s all.

I don't understand what you say. What should I do?
I watch my connection with wireshark.
I did the spoofing one time but after it did not succeed I witched it back to default.

Kalle

stephenw10

When you run tcpdump on the interface in pfSense you see eveything the driver is sending but that might not necessarily make it onto the wire.
By using a switch in between, mirroring the port and capturing on there you see what traffic is actually going back and forth.

Steve