PfSense on esxi 6.7, can get it to work propperly.
-
So i tried adding a MAC-ADDRESS but then there is no internet at all.
Where in PfSense can i find a log? so maybe i can see where the problem is occurring. -
all logs are under status / system log
what kind of connection is it? pppoe ? dhcp? static or dynamic ip? -
I have a cable modem and for testing purposes I have been switching between a pfSense VM and physical appliances.
Not sure why - but my connection is stable with the mac address used when the connection was first setup. This may be a provider thing...
Either way - if you want your pfSense VM to use a custom mac address on the WAN interface you'll need to allow forged transmits.
I'd also suggest you enable promiscuous mode.
https://docs.vmware.com/en/VMware-vSphere/6.7/com.vmware.vsphere.security.doc/GUID-7DC6486F-5400-44DF-8A62-6273798A2F80.html
and
https://docs.vmware.com/en/VMware-vSphere/6.7/com.vmware.vsphere.security.doc/GUID-92F3AB1F-B4C5-4F25-A010-8820D7250350.html
and
https://wahlnetwork.com/2013/04/29/how-the-vmware-forged-transmits-security-policy-works/
For good measure also allow mac changes.
Once its all working... you can revert these settings until you know exactly which setting breaks your environment.
To sum this up: on the WAN vSwitch and Portgroup you need to:
-
Allow Mac Changes
-
Allow Forged Transmits
-
Allow Promiscuous Mode
-
In pfsense - on the WAN Interface use a Mac Address that has previously worked with your provider
-
-
These where my settings when i was using the Ubiquiti USG router:
-
ok, again the internet stopt working and i pull this out the logfile:
Apr 6 14:32:33 check_reload_status updating dyndns wan
Apr 6 14:32:33 check_reload_status Syncing firewall
Apr 6 14:32:33 php-fpm 2504 /interfaces_assign.php: Creating rrd update script
Apr 6 14:32:45 check_reload_status Syncing firewall
Apr 6 14:32:49 check_reload_status Syncing firewall
Apr 6 14:32:52 login login on ttyv0 as root
Apr 6 14:33:06 login login on ttyv0 as root
Apr 6 14:33:52 php-fpm 2504 /interfaces.php: Gateway, none 'available' for inet, use the first one configured. 'WAN_DHCP'
Apr 6 14:33:52 php-fpm 2504 /interfaces.php: Gateway, none 'available' for inet6, use the first one configured. ''
Apr 6 14:33:52 check_reload_status Restarting ipsec tunnels
Apr 6 14:33:54 php-fpm 2504 /interfaces.php: Unbound /var/unbound/root.key file is corrupt, removing and recreating.
Apr 6 14:33:56 check_reload_status updating dyndns wan
Apr 6 14:33:56 kernel vlan0: changing name to 'vmx0.300'
Apr 6 14:33:58 check_reload_status Reloading filter
Apr 6 14:33:58 php-fpm 2504 /interfaces.php: Creating rrd update script
Apr 6 14:34:24 check_reload_status rc.newwanip starting vmx0.300
Apr 6 14:34:24 php-fpm 340 /interfaces_assign.php: Gateway, none 'available' for inet, use the first one configured. 'WAN_DHCP'
Apr 6 14:34:24 php-fpm 340 /interfaces_assign.php: Default gateway setting Interface WAN_DHCP Gateway as default.
Apr 6 14:34:24 php-fpm 340 /interfaces_assign.php: Gateway, none 'available' for inet6, use the first one configured. ''
Apr 6 14:34:24 check_reload_status Restarting ipsec tunnels
Apr 6 14:34:25 php-fpm 2504 /rc.newwanip: rc.newwanip: Info: starting on vmx0.300.
Apr 6 14:34:25 php-fpm 2504 /rc.newwanip: rc.newwanip: on (IP address: REMOVED FOR PRIVACY!!!!!!) (interface: []) (real interface: vmx0.300).
Apr 6 14:34:25 php-fpm 2504 /rc.newwanip: rc.newwanip called with empty interface.
Apr 6 14:34:25 php-fpm 2504 /rc.newwanip: pfSense package system has detected an IP change or dynamic WAN reconnection - -> REMOVED FOR PRIVACY!!!!!! - Restarting packages.
Apr 6 14:34:25 check_reload_status Reloading filter
Apr 6 14:34:25 check_reload_status Starting packages
Apr 6 14:34:26 php-fpm 341 /rc.start_packages: Restarting/Starting all packages.
Apr 6 14:34:26 php-fpm 340 /interfaces_assign.php: Unbound /var/unbound/root.key file is corrupt, removing and recreating.
Apr 6 14:34:26 login login on ttyv0 as root
Apr 6 14:34:29 check_reload_status updating dyndns wan
Apr 6 14:34:29 check_reload_status Syncing firewall
Apr 6 14:34:29 php-fpm 340 /interfaces_assign.php: Creating rrd update script
Apr 6 14:35:01 pkg-static pfSense-repo upgraded: 2.4.5 -> 2.4.5_2
Apr 6 14:35:09 check_reload_status Syncing firewall
Apr 6 14:35:14 pkg-static fusefs-libs-2.9.9_1 installed
Apr 6 14:35:14 pkg-static libdnet-1.13_3 installed
Apr 6 14:35:14 pkg-static libmspack-0.10.1 installed
Apr 6 14:35:14 pkg-static open-vm-tools-nox11-11.0.1_2,2 installed
Apr 6 14:35:14 php /etc/rc.packages: Beginning package installation for Open-VM-Tools .
Apr 6 14:35:14 check_reload_status Syncing firewall
Apr 6 14:35:14 check_reload_status Syncing firewall
Apr 6 14:35:14 php /etc/rc.packages: Successfully installed package: Open-VM-Tools.
Apr 6 14:35:14 pkg-static pfSense-pkg-Open-VM-Tools-10.1.0_2,1 installed
Apr 6 14:35:16 check_reload_status Reloading filter
Apr 6 14:35:16 check_reload_status Starting packages
Apr 6 13:34:57 php-fpm 340 /rc.start_packages: Restarting/Starting all packages.
Apr 6 14:35:18 kernel VMware memory control driver initializedAfter a reboot of the ESXI host, everything is working again.
-
uhm check the dhcp log and the gateway log also
REMOVED FOR PRIVACY!!!!!! your ip is 2 lines below -
All files attached. :)
Hope this helps. -
No DHCPOFFERS received.
maybe try with e1000 driver instead of vmnet3
-
So i need to reset the Pfsense ESXI to default.
inside the esxi change both adapters from vmnet3 to e1000.
fire up PfSense and do it all over? -
no just stop pfsense, edit the vm change from vmxnet3 to e1000 restart the vm, do it only for wan.
when you start pfsense it will noticed the change and ask you for the new wan interface in the console -
ok perfect, i have done this now and i also cleared all the logs.
-
AND AGAIN, it stopt :( :( :(
New files are attached.DHCP LOG.txt GENERAL LOG.txt -
there is nothing wrong in the log this time, must be something on your esxi or the network card or the cable
-
since 3 hours it is working perfect.
the only thing that i changed was IPv6 Configuration Typefrom None to DHCP6. -
ok, since a couple of day's i notice that the server still blacks out and i need to reboot the complete ESXI server.
When i only reboot the Pfsense VM it wont work.the second thing that i noticed is when my internet speed is FULLY used. ( i have a 1GB line ) that's when it happens.
So i have tried reducing the speed in the newsgroups download but still same problem.So it comes down to this: when i use newsgroups for downloading some files it's going down.
so i tought, could it be the network card that i'm using for both WAN and LAN?so i want to add another network card to the ESXI server with 4 ports to try it out.
But can i make it so that ALL the 4 ports are available for the LAN network in the same subnet? 10.0.0.1/24.
i really like it that way, then i can connect my nas, and both my raspberry to the remaining 3 network ports.
