pfsense not connecting to internet
-
lan ip : 192.168.5.1/24
host ip :192.168.5.2 /24
wan ip :192.168.10.240/24
default gateway: 192.168.10.1/24
no one in 192.168.10.0 network can ping and i couldnot ping them either , unticked those two private ip blocking rules in wan interface .
gateway is shown offline but it actually works
00:14:41.245015 ARP, Request who-has 192.168.10.1 tell 192.168.10.240, length 46
00:14:41.247736 ARP, Reply 192.168.10.1 is-at 28:3b:82:fb:9a:e0, length 46
this is what packet capture shows
i have also written allow any any in both lan and wan interfaces
i tried manual nat rules and auto generated nat rules , no change
but i can ping pfsense lan and wan from the host:192.168.5.2
what am i missing ? -
Ensure you stated the gateway in the WAN interface settings.
@athish said in pfsense not connecting to internet:
gateway is shown offline but it actually works
This basically means that the gateway doesn't respond to pings.
If so go to System > Routing and edit the gateway to disable monitoring or set a public monitoring IP which is pingable.It should work well with automatic outbound NAT rules.
-
@viragomann thanks for the response .
already tried no change still unable to connect to internet -
@athish
Is the gateway status online now? If not that is the first you have to care for. -
@viragomann the gateway status is offline ... trying to find the reason
-
@athish
I wrote above, you can simply disable gateway monitoring! -
@viragomann disabling gateway monitoring will show the status of the gateway online but i would be still unable to get internet ... actually i already tried it.
-
@athish said in pfsense not connecting to internet:
wan ip :192.168.10.240/24
Are you getting carrier grade NAT from your ISP? Or is there some other equipment you haven't mentioned?
-
@athish
The gateway status must not be offline. Otherwise it is not used.So disable the gateway monitoring and set the outbound NAT into automatic mode.
Then try a ping from pfSense itself to a public IP like 8.8.8.8 in Diagnostics > Ping. Does this fail? -
@viragomann yes , i tried these already .it failed .
-
@athish
So I assume something in your 192.168.10.0/24 network is wrong.
Can you ping / access the gateway or public IP outside from other devices?Are the network settings on pfSense correct?
What shows Status > interfaces?
Something in the system log? -
@viragomann @jknott no , i am using the fire wall inside a private network ... the gateway 192.168.10.1 is the l3 switch connecting me to internet
-
@viragomann other devices connected to 192.168.10.1 are getting internet .... both pfsense interfaces are up ... if i directly connect my pc to 192.168.10.1 .i am getting access
-
@viragomann
Dec 10 23:08:14 dpinger GW_WAN 192.168.10.1: sendto error: 64
Dec 10 23:08:14 dpinger GW_WAN 192.168.10.1: sendto error: 64
Dec 10 23:08:15 dpinger GW_WAN 192.168.10.1: sendto error: 64
Dec 10 23:08:15 dpinger GW_WAN 192.168.10.1: sendto error: 64
Dec 10 23:08:16 dpinger GW_WAN 192.168.10.1: sendto error: 64
Dec 10 23:08:16 dpinger GW_WAN 192.168.10.1: sendto error: 64
Dec 10 23:08:17 dpinger GW_WAN 192.168.10.1: sendto error: 64
this is what system logs gateways section says -
@viragomann Dec 11 00:18:05 php-fpm 313 /interfaces.php: Unbound /var/unbound/root.key file is corrupt, removing and recreating.
DO ANYONE KNOW WHAT DOES IT MEAN -
@athish system logs
Dec 11 03:59:13 kernel arpresolve: can't allocate llinfo for 192.168.10.1 on rl0
Dec 11 03:59:14 kernel arpresolve: can't allocate llinfo for 192.168.10.1 on rl0
Dec 11 03:59:14 kernel arpresolve: can't allocate llinfo for 192.168.10.1 on rl0