Connectivity after 2100 inital setup

m00dy

Hello. I've recently purchased the 2100. After the initial setup I do not have internet access from any of the LAN ports. I can see traffic entering from the status menu but only have the blue light slowly flashing in the front of the appliance. Is there something after that initial setup that I am missing that needs to be done to allow traffic through the appliance? I'm just aiming for a simple initial setup. Thanks for the help. I did have to change the ip from 192.168.1.1 and I just used what was in the example 192.168.2.1

SteveITS

If you use Diagnostics/Ping does it have Internet access? By default out of the box LAN should have default allow rules to allow access out (LAN Net to *). If nothing else Diagnostics/Factory Defaults would start over...

stephenw10

Does it have a valid WAN IP? Is it a public IP?

You should not normally have to do anything to get access through it.

The fact you changes the LAN subnet points to it otherwise conflicting with something on the WAN?

Steve

m00dy

![alt text]( image url)

I ended up having to uncheck these boxes in WAN and add a pass rules to the firewall.

Gertjan

@m00dy

Mine are both checked. As I don't want non existing IP's used on my WAN - and no one using RFC1918 can connect to my WAN, these do not router over the net.

My LAN is 192.168.2.1/24
My WAN is (DHCP) 192.168.10.3/24 - Yes, my upstream ISP router is using RFC1918.

@m00dy said in Connectivity after 2100 inital setup:

and add a pass rules to the firewall.

Add a rule on what interface ?
When you initially set up your pfSense with the console wizard, when you changed the default LAN 192.168.1.1/24 to 192.168.2.1/24 and set up a DHCP server pool for the LAN, a default pass all will get created on the LAN interface. Nothing else is needed.

stephenw10

Yeah, unchecking those is not required to access the internet from a device on LAN.

That would only be necessary if you are forwarding traffic the other way.

Steve

m00dy

So after the initial setup. my wan IP showed as n/a. Traffic monitor showed activity but it wasn't even able to check for updates. When I unchecked those boxes it populated with an IP. I also added the ipv4+ipv6 any pass but that may have been redundant. That said, on the firewall rules those are the ones that show activity.

stephenw10

You absolutely should not have pass all rules for v4 and v6 on WAN.

That is allowing traffic into the firewall from any external IP which obviously you don't want. You should disable or removed them.

I suspect that unchecking those blocks on WAN did nothing and then re-saving the WAN afterwards is what brought it up.

Steve

m00dy

@stephenw10 Alrighty, I'm going to start over and give it a shot fresh. Everything you are saying makes sense of course. I appreciate it. I'll report back with updates.
.

m00dy

Okay, so started over and am able to get it to populate with an IP. The issue though now is that when I plug in my wifi router to lan1 I am not able to get internet when connected. I have changed the ip 10 192.168.2.1 because the default for the router is 192.168.1.1

stephenw10

Does the wifi router itself pull an IP address from pfSense when it's connected to the SG-2100 LAN?

Steve