Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Unable to access any network that uses the same ISP as I do

    Scheduled Pinned Locked Moved General pfSense Questions
    46 Posts 7 Posters 16.8k Views 6 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • johnpozJ Offline
      johnpoz LAYER 8 Global Moderator
      last edited by

      If you say it works via using some other device. Keep in mind that said other device might get a different IP than pfsense got.

      I would check what IP you have with mask, so you know the whole range. And what this other IP your trying to access is.. What is the mask on that - are they on the same network, or different ones?

      If the IP is on the same network, then pfsense would think its on the same L2 and not send traffic anywhere then directly out its interface. Maybe the isp use private vlans and don't allow devices on the same L2 to talk to each other.

      The simple way to know is just sniff on the other end public IP.. When you send traffic there does it get there? If so then you have something else going on, improper port forward, firewall rules, firewall on the dest device behind the other end. etc..

      If it doesn't get there, then its being blocked somewhere between you and them.

      An intelligent man is sometimes forced to be drunk to spend time with his fools
      If you get confused: Listen to the Music Play
      Please don't Chat/PM me for help, unless mod related
      SG-4860 24.11 | Lab VMs 2.8, 24.11

      1 Reply Last reply Reply Quote 0
      • AKEGECA Offline
        AKEGEC
        last edited by

        @jdogtotherescue, your ISP already knew who you are. Did you or someone in your home network posted anti-government or anti-lockdown messages on social media recently?

        1 Reply Last reply Reply Quote 1
        • stephenw10S Offline
          stephenw10 Netgate Administrator
          last edited by

          @jdogtotherescue said in Unable to access any network that uses the same ISP as I do:

          My ISP provides a connection that If you wanted to, you could plug in a simple desktop switch and obtain an address and access the internet. No NAT required on our end

          Are you actually receiving a public IP when you do that?

          Steve

          J 1 Reply Last reply Reply Quote 0
          • johnpozJ Offline
            johnpoz LAYER 8 Global Moderator
            last edited by

            @stephenw10 said in Unable to access any network that uses the same ISP as I do:

            Are you actually receiving a public IP when you do that?

            Great question ;)

            Since he says he can plug in a switch and get how many IPs? 2, 10, 100? I find it highly unlikely that any isp in this day an age would just hand out more than 1 IPv4 address without some added charge or special account (that pays for it)..

            For all we know he is behind a CGnat? Are these IPv4 addresses your connecting to or IPv6?

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 24.11 | Lab VMs 2.8, 24.11

            JKnottJ 1 Reply Last reply Reply Quote 0
            • JKnottJ Offline
              JKnott @johnpoz
              last edited by

              @johnpoz said in Unable to access any network that uses the same ISP as I do:

              I find it highly unlikely that any isp in this day an age would just hand out more than 1 IPv4 address without some added charge or special account (that pays for it)..

              I get 2 and I'm not the only one. I first heard about this in a user forum for my ISP and verified it myself.

              PfSense running on Qotom mini PC
              i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
              UniFi AC-Lite access point

              I haven't lost my mind. It's around here...somewhere...

              1 Reply Last reply Reply Quote 0
              • johnpozJ Offline
                johnpoz LAYER 8 Global Moderator
                last edited by

                Well your isp must be sitting on plenty of IPv4 space.. If they are not charging you for more than 1, they are loosing out on income if you ask me. Or your already paying for some sort of premium package that is covering the cost of the extra IP be it you use it or not.

                You have ISPs that have to use cgnat, and then you have others that have IPv4 to burn.. Seems a bit unfair if you ask me.

                The RIRs like Arin should really get more strict, and better distribute the IPv4 space. Its turned into who ever has the most money can just buy up the space they need, and others can just sit on space they are not even using.

                An intelligent man is sometimes forced to be drunk to spend time with his fools
                If you get confused: Listen to the Music Play
                Please don't Chat/PM me for help, unless mod related
                SG-4860 24.11 | Lab VMs 2.8, 24.11

                JKnottJ 1 Reply Last reply Reply Quote 0
                • JKnottJ Offline
                  JKnott @johnpoz
                  last edited by

                  @johnpoz

                  Here's some info about my ISP. When I first got Internet access through them, in the late 90's, they were offering the @home service. As for the address space distribution, you have to consider the history. Way back in the dark ages, the Internet was primarily a U.S. network that later extended into Canada and which was mainly connecting defense research sites. Crossing the ocean was didn't happen much, as there wasn't much bandwidth available before undersea fibre cables. As a result, most of the addresses were already assigned in the U.S., before the rest of the world got involved. Of course, some companies have sold off their surplus. When I was at IBM, back in the late 90's they had the entire 9.0.0.0 /8 block, among others. Some other companies also had similarly huge blocks.

                  Of course, the proper solution to the address shortage is to move to IPv6 as quickly as possible.

                  PfSense running on Qotom mini PC
                  i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
                  UniFi AC-Lite access point

                  I haven't lost my mind. It's around here...somewhere...

                  1 Reply Last reply Reply Quote 0
                  • johnpozJ Offline
                    johnpoz LAYER 8 Global Moderator
                    last edited by

                    @JKnott said in Unable to access any network that uses the same ISP as I do:

                    the proper solution to the address shortage is to move to IPv6 as quickly as possible.

                    While I agree with you, its not happening... And might not for 20+ more years.. No matter how much you want it too.. The major players have no need to move to it, and many isp don't even support it, nor even have roadmaps of going to it..

                    There are major players that don't even support it yet..
                    https://whynoipv6.com/

                    Out of the top 1000 Alexa sites, only 388 has IPv6 enabled, and 788 of them use nameservers with IPv6 enabled.
                    Of the total 902708 sites only 27.1% of them have IPv6. This is a huge shame!

                    An intelligent man is sometimes forced to be drunk to spend time with his fools
                    If you get confused: Listen to the Music Play
                    Please don't Chat/PM me for help, unless mod related
                    SG-4860 24.11 | Lab VMs 2.8, 24.11

                    JKnottJ 1 Reply Last reply Reply Quote 0
                    • J Offline
                      jdogtotherescue @stephenw10
                      last edited by

                      @stephenw10 Yes. I was able to access that new IP address from a more remote client and it worked just fine.

                      1 Reply Last reply Reply Quote 0
                      • JKnottJ Offline
                        JKnott @johnpoz
                        last edited by

                        @johnpoz said in Unable to access any network that uses the same ISP as I do:

                        While I agree with you, its not happening... And might not for 20+ more years.. No matter how much you want it too.. The major players have no need to move to it, and many isp don't even support it, nor even have roadmaps of going to it..

                        That's head in sand stupidity. As you mentioned, many ISPs have to use CGNAT, which means they're providing their customers inferior service. Comast started their move to IPv6, because they couldn't seamlessly manage their network with IPv4. Having to use NAT, even without CGNAT gets in the way for many people. There's another thread here where someone is trying to run 2 web sites on 1 IP address. This is needed simply because they have a single address.

                        BTW, my ISP is a major one. As that ARIN info shows they have over 5M IPv4 addresses. They are currently¹ the only telecom company that covers all of Canada, coast to coast. In addition to Internet, they also provide cell phone service, home phone, cable TV, security monitoring and more. They have been providing native IPv6 for over 4 years and used tunnels for a few years before that.

                        1. I used to work for the other company that covered the entire country, but it went bust several years ago. I also have some personal connection to Rogers. They used to be a major shareholder in the company I used to work for and I have since done some work for them or with them, including cable head end, cell network and a data centre, along with providing fibre to several companies.

                        PfSense running on Qotom mini PC
                        i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
                        UniFi AC-Lite access point

                        I haven't lost my mind. It's around here...somewhere...

                        1 Reply Last reply Reply Quote 1
                        • PippinP Offline
                          Pippin
                          last edited by Pippin

                          @stephenw10 said in Unable to access any network that uses the same ISP as I do:

                          Are you actually receiving a public IP when you do that?

                          Why I said:

                          @Pippin said in Unable to access any network that uses the same ISP as I do:

                          Try disabling RFC1918 rule.

                          Would still be interesting to see a traceroute.....

                          I gloomily came to the ironic conclusion that if you take a highly intelligent person and give them the best possible, elite education, then you will most likely wind up with an academic who is completely impervious to reality.
                          Halton Arp

                          1 Reply Last reply Reply Quote 0
                          • AKEGECA Offline
                            AKEGEC
                            last edited by

                            @jdogtotherescue, I think Steve knows more about the US internet and law. I am not sure what happened when someone already got warned and flagged by US ISP. I did hear about spending time in jail because of torrenting. If you are torrenting, how about using a VPN provider outside the USA and EU juristic like Nordvpn in Panama. Anyway if you want to know about ISP, watch last week Joe Rogan interview with Edward Snowden.

                            JKnottJ stephenw10S 2 Replies Last reply Reply Quote 0
                            • JKnottJ Offline
                              JKnott @AKEGEC
                              last edited by

                              @AKEGEC

                              Jail is pretty severe if all they did is violate the Terms of Service. Sharing an Internet connection is considered theft of service. Torrents are in themselves not illegal, unless the content is, but may violate an ISPs ToS. Was that guy who got jail for a torrent doing something like pirating movies?

                              PfSense running on Qotom mini PC
                              i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
                              UniFi AC-Lite access point

                              I haven't lost my mind. It's around here...somewhere...

                              1 Reply Last reply Reply Quote 0
                              • stephenw10S Offline
                                stephenw10 Netgate Administrator @AKEGEC
                                last edited by

                                @AKEGEC said in Unable to access any network that uses the same ISP as I do:

                                I think Steve knows more about the US internet and law.

                                Probably not, I'm in the UK. 😉

                                1 Reply Last reply Reply Quote 0
                                • AKEGECA Offline
                                  AKEGEC
                                  last edited by

                                  @Steve, I thought you lived in the US.
                                  @JKnott, I forgot but I think it was about a man who bought movies legally and shared. A case of a thin line between sharing and pirating. Anyway it is sad to see ISP companies are becoming more powerful and abusive.

                                  JKnottJ 1 Reply Last reply Reply Quote 0
                                  • JKnottJ Offline
                                    JKnott @AKEGEC
                                    last edited by

                                    @AKEGEC

                                    "Sharing" is theft. Also, the ISPs are forced to do it by the movie studios.

                                    PfSense running on Qotom mini PC
                                    i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
                                    UniFi AC-Lite access point

                                    I haven't lost my mind. It's around here...somewhere...

                                    AKEGECA 1 Reply Last reply Reply Quote 0
                                    • AKEGECA Offline
                                      AKEGEC @JKnott
                                      last edited by

                                      @JKnott said in Unable to access any network that uses the same ISP as I do:

                                      @AKEGEC

                                      "Sharing" is theft. Also, the ISPs are forced to do it by the movie studios.

                                      20 years ago if you said you don not believe your ISP, people would call you paranoid and 10 years ago if you said you used a VPN provider, people would also call you a criminal (pirate, pedophile).
                                      You need ISP for your internet access but that does not mean ISP has the right to take over your family, friends and yours security and privacy rights.

                                      JKnottJ 1 Reply Last reply Reply Quote 0
                                      • JKnottJ Offline
                                        JKnott @AKEGEC
                                        last edited by

                                        @AKEGEC

                                        "Sharing" movies etc. was theft long before there was an Internet. Movies, TVs shows, records, books and more have long been covered by copyright laws. I have no idea what you mean by your post.

                                        PfSense running on Qotom mini PC
                                        i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
                                        UniFi AC-Lite access point

                                        I haven't lost my mind. It's around here...somewhere...

                                        1 Reply Last reply Reply Quote 0
                                        • GertjanG Offline
                                          Gertjan
                                          last edited by

                                          @AKEGEC : check out the consumer rights and other usage conditions of your ISP.
                                          When signing up, you agree with them.

                                          An ISP has no interest about using or selling private things of a user. Eventually, always, some one will find out .... and then the ISP will die - go out of business.

                                          Btw : if a major knows that a ISP knows (or is able to see) that a ISP client shares private info (the movie) then the major will probably 'attack' the ISP. Because it's just a simple fact knows as 'stealing'.
                                          So, ISP's will reference to local laws, and some own laws (selling conditions) like "one shall not try to lauch nukes that do not belong to you ...".

                                          Also : when you share an Internet connection you have to trust the person(s) who you share with.
                                          Like sharing your car.
                                          Your house.
                                          No trust ? Abuse ? Simple. Don't share - issue closed.

                                          @AKEGEC said in Unable to access any network that uses the same ISP as I do:

                                          but that does not mean ISP has the right to take over your family, friends and yours security and privacy rights

                                          Humm. I'm living in Europe. So basic human rights are part of our (ancient) constitution. They have tried everything in Europe for the last 20 (or more ?) centuries. We hold the absolute world record of trying out different types of societies -and the quantity of people that perished because of it is daunting - still, something like voting (democracy) was already created before the birth of Christ, somewhere in Greece.
                                          Because the system wasn't perfect, some 3 centuries ago, people had a opportunity to leave (instead of simply not being happy : they went oversees and created the USA while doing so).

                                          What I mean : I have the luxury to say that I don't understand your remark.

                                          My ISP is like my boss, land lord, tax services, my bank, water company, my electric company, assurances, the food I buy, my car .... and what the f**k, my own wife.
                                          My ISP ? Ah, common on, that is the new one on the block, w'll see about that one. Let's deal with the others first, as they were there first. ^^

                                          No "help me" PM's please. Use the forum, the community will thank you.
                                          Edit : and where are the logs ??

                                          AKEGECA 1 Reply Last reply Reply Quote 0
                                          • stephenw10S Offline
                                            stephenw10 Netgate Administrator
                                            last edited by

                                            We are getting off topic here. 😉

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.