One interface loses internet access and I could get it back only after reboot the pfsense

ady2

To get internet back I just restarted the VPN Server and internet was back.
The suggestion that NIC card (in my case 2 nic cards) get overloaded somehow, but then why when restart the VPN server the internet is back?
I could not understand how the VPN server restart is related with all interfaces access to internet.
This is second or third time when restarting the VPN server is restoring internet access on all interfaces

ady2

Today is getting crazy. Second time the internet stopped.
I was trying to check (try youtube, ping yahoo, etc,) but also tried to connect from my phone (on LTE internet) through vpn, and it connected successfully so I could check my surveillance cameras, that means that pfsense doesn't loose internet connection, but the main point here is that right after that my internet was back on my laptop and desktop.
So looks like my OpenVpn server is the cause, any suggestions based on the provided info?

Thanks

ady2

@kiokoman said in One interface loses internet access and I could get it back only after reboot the pfsense:

does it work if you force the network card of your laptop to use dnsfrom google for example? like 8.8.8.8 ?

Tried using DNS 8.8.8.8 on my mac last time it happened and no luck.

stephenw10

@ady2 said in One interface loses internet access and I could get it back only after reboot the pfsense:

default 192.168.200.1 UGS lo0

That looks wrong. I'd say you are losing your correct default route. What do you have the default gateway set to? If it's set to automatic set it to a fixed gateway instead.

Steve

ady2

@stephenw10 said in One interface loses internet access and I could get it back only after reboot the pfsense:

@ady2 said in One interface loses internet access and I could get it back only after reboot the pfsense:

default 192.168.200.1 UGS lo0

That looks wrong. I'd say you are losing your correct default route. What do you have the default gateway set to? If it's set to automatic set it to a fixed gateway instead.

Steve

Thanks for looking.
Do you mean this:
in the System/ Routing/ Gateways >> Default gateway tab

and set Default gateway IPv4 to WAN_DHCP?

ady2

@stephenw10

I have rerun the "netstat -rn" command when internet was working (from pfsense Diagnostics/Command Prompt/Execute Shell Command) and the default Gateway was from my WAN subnet ip address.
Routing tables
Internet:
Destination Gateway Flags Netif Expire
default 67.XXX.XXX.1 UGS em2
10.0.99.0/24 link#4 U igb0

---

And then internet stopped working again and I have rerun "netstat -rn" :
Routing tables

Internet:
Destination Gateway Flags Netif Expire
default 192.168.200.1 UGS lo0
10.0.99.0/24 link#4

---

Also found that my default gateway was my OpenVPN

What I did, I have setup Default gateway IPv4 to WAN_DHCP and clicked save button, so now it looks like:

The internet was back.
and

No idea if this is a temporary solution till next blackout or this should fix it permanently ?

ady2

Also verified that all my firewall rules for all interfaces have the gateway set to default. Do I need to set the gateway to WAN for each rule ?

Gertjan

Noop.

'default" means the default gateway will be used.

stephenw10

Exactly. When you have the default gateway set to automatic it will change to a different gateway when the previous default goes down. That works fine if you have, say, two public WAN connections but here you have gateways for OpenVPNs, it selects on and it's invalid as the WAN is down.
Set the default v4 gateway to be the WAN gateway. That will probably resolve it.

Steve

ady2

@stephenw10
Thanks a lot Steve for pointing to the right direction.
Hope this fix will resolve my issue and will let me enjoy my pfsense firewall.

bjohe

@ady2
Your problem seem to be very similar to mine in how the Internet access drops intermittently. However I do not have a VPN gateway setup.
I've been reviwing the Netgate documentation and following the troubleshooting. Installed a "clean" simple installation and I still get these dropouts.

Since your last post was a while ago then I assume this solved the issue you were having?

ady2

@bjohe

Yes, since I have setup my WAN as default gateway I didn't have any internet dropout.
In your case did you consider a hardware failure? Trying to debug my issue I have bought another (actually 2 other relatively cheap used LAN cards from ebay) and added to my setup trying to exclude the lan card failure, but in my case it was not the card.