Factory Defaults, still no client internet access
-
I have deployed pfSense v2.4.4 behind my ISPs modem/router combo that does not support bridged mode. Long storey short: I cannot change this but need to use something behind the ISPs combo that will support VLANs, static routes etc.
The ISP router serves out a network of 192.168.1.0/24, from which pfSense WAN interface is given 192.168.1.23 via DHCP.
Given this is the same network as the factory default used by pfSense I changed the LAN IP on pfSense to be 174.16.1
0.1/24.From Diagnostics-->Ping; using a source address of LAN, WAN and Localhost all transmit and receive three packets to/from 8.8.8.8. All good so far. I thought - great - this is actually going to work!
However, when I connect a client (Ubuntu, Windows) to the pfSense LAN I have no internet access from these clients.
Any suggestions of what I should be troubleshooting appreciated.
Thanks!
-
@pipersbytes
On the WAN page, there's a setting "Block bogon networks". Make sure it's not selected. That setting blocks RFC 1918 addresses on the WAN side.
-
@pipersbytes said in Factory Defaults, still no client internet access:
174.16.10.0/24
Are you sure your clients are actually set to this subnet?
Can you go to an actual IP address instead of using DNS? https://172.217.3.174
Can your clients ping out to 8.8.8.8?
-
@JKnott thank you. I managed to get this working without really knowing why, but it is not related to these options.
I ran an ipconfig from the Windows client and noticed that it wasn't getting a gateway. Same was true for the Ubuntu client as ip r | grep default returned nada.
In pfSense I went to Services-->DHCP Server-->LAN and manually added the LAN interface of pfSense as the Gateway (174.16.1.1) and gave it DNS of 8.8.8.8.
After this, and disabling/reenabling the NICs on the clients it works. I have also since removed the entries within Services-->DHCP Server-->LAN and it still works.
Unfortunately, I don't know enough about pfSense just yet to dig into the logs to troubleshoot what happened.
-
@chpalmer clients can now ping outside - but I had to force the DHCP server to supply the Gateway. I have since removed the gateway and DNS from Services-->DHCP Server-->LAN and am letting pfSense send the default (which is the same IP anyways) and it is now working.
-
That is strange.. Ive never had that issue myself.
Glad you found it.
-
Mmm, the DHCP server should supply the interface address as the gateway if you don't specify anything. It's hard to think what could prevent that. If the interface was invalid in some way you would be able to set it in the first place.
Do you actually mean 172.16.1.1? 174.16.1.1 is not a private IP. It may be conflicting with something by some unlikely coincidence.
Steve
