    SG3100 Single WAN NAT Issues.

      wc2l @mcury

      @mcury Yes.. I just connected a Surface to the Guest WiFi..
      It got the expected IP address

        mcury Rebel Alliance @wc2l

        @wc2l Ok, it was working before? Problem started with the host override inside DNS Resolver?
        Try to remove the host override and try again.

        dead on arrival, nowhere to be found.

          wc2l @mcury

          @mcury no change
          Both ways show that DNS servers are not responding
          DNS_PROBE_FINISHED_NO_INTERNET

            mcury Rebel Alliance @wc2l

            @wc2l Ok, what DNS server are these users using?
            Are your firewall rules allowing connections to this DNS server on port 53 UDP/TCP?

              wc2l @mcury

              @mcury
              7b380704-ff7a-4429-abb2-447992e18185-image.png

              78a8c873-a644-431f-803a-4de953c0053b-image.png

              ac26a3da-1ee7-4b2f-a2ed-ed2be0939ea2-image.png

                mcury Rebel Alliance @wc2l

                @wc2l You need firewall rules inside this last image, WC2LWIFIGUEST
                You need to allow the GUEST network to go out to the internet.

                Do you see the difference between LAN and WC2LWIfIGUEST?

                The last two rules in LAN, try to create them inside WC2LWIfIGUEST, this will allow internet access for these guests.

                  wc2l @mcury

                  @mcury Protocol - Any, Source - Any, Destination Any?
                  I remember something that I saw online. I will have to see if I can find it

                    mcury Rebel Alliance @wc2l

                    @wc2l It's easy to create a firewall rule.

                    Protocol: any
                    Source: WC2LWIfIGUEST_NET
                    source port: *
                    destination: *
                    port: *

                    Exactly as it is inside LAN, you replicate that but now for WC2LWIfIGUEST

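An added example, not part of the original posts and not pfSense code: a small Python model of top-down, first-match rule evaluation on the guest interface, comparing the pass-any rule described above with a tighter rule set. The tighter rules, the TCP 443 service port on 172.30.30.40 and the sample flows are assumptions constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

def nets(*cidrs):
    return tuple(ipaddress.ip_network(c) for c in cidrs)

@dataclass(frozen=True)
class Rule:
    action: str          # "pass" or "block"
    protos: tuple = ()   # empty tuple = any protocol
    dst: tuple = ()      # empty tuple = any destination
    ports: tuple = ()    # empty tuple = any destination port

# Rule from the thread: source WC2LWIfIGUEST net, everything else "any".
THREAD_RULES = [Rule("pass")]

# Tighter set (assumed): DNS to the firewall, one LAN service, no other private
# destinations, then internet. The TCP 443 port on 172.30.30.40 is an assumption.
HARDENED_RULES = [
    Rule("pass", ("tcp", "udp"), nets("172.30.32.1/32"), (53,)),
    Rule("pass", ("tcp",), nets("172.30.30.40/32"), (443,)),
    Rule("block", (), nets("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")),
    Rule("pass"),
]

def evaluate(rules, proto, dst, port):
    """Top-down, first match wins; traffic matching no rule is blocked."""
    dst_ip = ipaddress.ip_address(dst)
    for r in rules:
        if r.protos and proto not in r.protos:
            continue
        if r.dst and not any(dst_ip in n for n in r.dst):
            continue
        if r.ports and port not in r.ports:
            continue
        return r.action
    return "block"

# Constructed sample flows from a guest client (not taken from the thread).
FLOWS = [
    ("DNS to firewall", "udp", "172.30.32.1", 53),
    ("firewall web GUI", "tcp", "172.30.32.1", 443),
    ("host override target", "tcp", "172.30.30.40", 443),
    ("other LAN host, SMB", "tcp", "172.30.30.10", 445),
    ("internet HTTPS", "tcp", "203.0.113.10", 443),
]

def compare():
    """Map each flow name to (verdict under thread rule, verdict under tighter set)."""
    return {name: (evaluate(THREAD_RULES, p, d, port), evaluate(HARDENED_RULES, p, d, port))
            for name, p, d, port in FLOWS}
```

`compare()` returns both verdicts per flow, and `evaluate([], ...)` models an interface tab with no rules, where even DNS to the firewall is blocked.
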
                      wc2l @mcury

                      @mcury
                      That was it!! I can get out to the internet.. I can't get to ddns.example.com, but I'm not sure I truly care.. more of a way for me to test some stuff.

                        mcury Rebel Alliance @wc2l

                        @wc2l Ok, for users in the WC2LWIfIGUEST to be able to access ddns.example.com,
                        you will need the host override in place, and confirm that the users inside WC2LWIfIGUEST are using the pfsense DNS and not another DNS server.

                          wc2l @mcury

                          @mcury I had already placed the Host override in place.
                          When I check the ipconfig of the device it is 172.30.32.1

                            mcury Rebel Alliance @wc2l

                            @wc2l Is 172.30.32.1 the interface WC2LWIfIGUEST IP address?
                            If so, the host override to ddns.example.com should be working.

                            Ping ddns.example.com from inside the WC2LWIfIGUEST network and confirm if the IP matches the host override configuration.

                              wc2l @mcury

                              @mcury When I ping the DDNS name it does match the actual IP address

                                mcury Rebel Alliance @wc2l

                                @wc2l Ok, can you show a screenshot of the host override?

                                  wc2l @mcury

                                  @mcury prefer not to make that public

                                  Host: ddns
                                  domain example.com
                                  IP to return for host 172.30.30.40
                                  Description empty

                                    mcury Rebel Alliance @wc2l

                                    @wc2l It's correct, it should be working..

                                    Try to do a ipconfig /flushdns inside the PC you are testing.
                                    Clear the browser history and try again.

                                      wc2l @mcury

                                      @mcury flushdns did the trick!!
                                      I can now telnet, browse and have to check out some of the services.. Looks like we're successful! Now I can do some of the other things on my list!! Good news, the office is quiet and I'm working from home today. I may be able to make myself useful

                                        mcury Rebel Alliance @wc2l

                                        @wc2l said in SG3100 Single WAN NAT Issues.:

                                        @mcury flushdns did the trick!!
                                        I can now telnet, browse and have to check out some of the services.. Looks like we're successful! Now I can do some of the other things on my list!! Good news, the office is quiet and I'm working from home today. I may be able to make myself useful

                                        Nice, enjoy :)
