No internet access via the pfSense LAN
-
Please help me on this problem, Im newbie on this firewall pfsense, I just want to explore this because this is use on our office and I want to know on how it works :) Advance thank you
-
Check/Read: https://docs.netgate.com/pfsense/en/latest/routing/connectivity-troubleshooting.html
-
Thank sir on this message I will read this :) thank you and keep safe!
-
@ptt Hi Good day again, I already check my virtual pfsense, still no internet on may laptop that connected on the lan usb on my virtual pfsense. but I try also ping the wan 8.8.8.8 so far its connected.
Thank you po
-
We're going to need more information on you pfSense install here to help you.
It's a vitual install? What hypervisor?
How is this USB device connected?In general though if you can connect to the webgui from LAN and the pfSense box itself can ping out on WAN then you have a missing or incorrect default route and/or no NAT.
Both those things can be caused by incorrectly putting a gateway on the LAN interface so check that first.
Steve
-
@stephenw10 thanks sir sorry If my question is very general hehe.. It is my first time to use this..
I have a computer then i just download pfsense software then create a virtual on oracle virtual machine.
WAN connection connected on the on-board lan on my computer then I purchase a usb lan plug on my computer..
I used USB lan for lan connection. then on usb lan i plug a utp cable going to my laptop.. -
Ok, so Virtual Box.
Lets, see screenshots from:
System > Routing > Gateways
Firewall > NAT > Outbound
Diag > RoutesSteve
-
I already access the GUI of pfsense sir.. I can ping out also on the wan its connected .. my worry sir is my laptop cant connected on the internet.
-
-
Hmm, OK that all looks fine.
So by default you would have a firewall rule allowing all traffic from the LAN subnet out. Is that still in place?
Are LAN side clients getting a DHCP lease from pfSense? If you've configured them statically (or there is another dhcp server in the subnet) the clients may not be using 192.168.14.1 as theirt default route.
Steve
-
@stephenw10 hmmm I already turn my computer sir and also my laptop I need to rest sir hehe but sir based on your question . the ip address of my laptop is already set from obtain and getting from the dhcp server. I already set from 192.168.14.2 - 192.168.14.254.
-
I can see my laptop on the DCHP lease pfsense (192.168.14.10 - laptop IP address)
-
Ok, go to Diag > Ping in the webgui and try to ping 8.8.8.8 but select the LAN as the source IP.
That should work and proves the NAT is working.
Can we see the LAN firewall rules?
Steve
-
@stephenw10 Thank you sir I really appreciated your every answer my questions.. I will try that later sir. I'll get back to you later sir :) keep safe po
-
-
-
Ok, great. Try that ping again but set the LAN interface as the source address.
-
is this correct sir?
-
that is my laptop sir, as you can see i cant ping 8.8.8.8 from the laptop
-
Hmm, OK that all looks good. Except it's not working.
Run the ping to 8.8.8.8 from your laptop continually and then check the states in Diag > States. Filter that by 8.8.8.8 to see what states are being opened.
Steve
-
@stephenw10
is this it? sir? sorry if i'm a little slow to fixing this problem. hehe -
Yes, that's correct but note there is no state on LAN from your laptop.
The firewall rules on LAN definitely would allow it so it looks like that traffic is either not arriving at the LAN at all or something else is blocking it. About the only thing that could be is the Captive Portal, do you have that enabled?
It's more likely you laptop is using some other route. Check it's routing table, make sure it's using 192.168.14.1 as the default.
Steve
-
@stephenw10 hello where I can found the captivr portal to enabled?
-
@PHIL_cfrancisco Do i need set a IP address on the USB LAN or not sir?
-
The captive portal should NOT be enabled. It's in Serices > Captive Portal.
From your screenshot the laptop seems to have pulled an IP address on 192.168.14.10. That should be correct.
If it has more than one IP address though it may not be using it. Try running on the laptop
route print
.Steve
-
@stephenw10
Hi Good day again this is my route print from my laptop. -
@stephenw10 Sir I already fix the problem hehe :) I think, there is a problem on the LAN USB. so that may 1st network is Wireless TP link USB that connect on my Router then my on board lan is my 2nd network adapter that connected on my laptop then its worked! :) my laptop has connected on the internet I can also limit the bandwidth on the laptop.
Thank you sir again :) -
Yes, that looks like it. The laptop is not using 192.168.14.1 as it's default route in that screenshot.
You probably just need to remove whatever that connection to 192.168.10.x is before connecting to pfSense.
Steve
-
@stephenw10 hello sir on the laptop screeshot I created again pfsense and I set 192.168.10.1 :)
-
Ah, OK. So all working now?
-
@stephenw10 yes sir :) thank you sir for helping to solve my problem :)
-
No problem.