No internet on LAN



  • Hi,
    I have newly installed pfsense and I can't get any internet access on LAN
    My current setup is:
    ISP -> router (192.168.5.1) -> WAN-pfSense-LAN (192.168.6.1)
    I already have network with router (at 192.168.5.1), where are some computers. I want to create second network, but there is no internet access.
    When I ping from pfSense's WAN to google.com or to 192.168.5.1, it's working.
    When I ping ftom pfSense's LAN to google.com or to 192.168.5.1, I get 100% packet loss.
    When I connect computer to pfSense's LAN port, it get's IP from range 192.168.6.X, I can access pfSense webconfig, but I cannot get more far (192.168.5.1 or google.com not working).

    Firewall is disabled in System -> Advanced -> Firewall & NAT -> Disable firewall. (It's not needed)

    I don't know where to start, but shouldn't be setted something in DNS forwarder or resolver? What should be setted in IPv4 Upstream gateway in Interfaces ->LAN?
    Thanks.



  • Since it works on pfSense with WAN address, but not with LAN, it will not have something to do with DNS.

    The IPv4 Upstream gateway must be set to "None" at LAN interface!

    If it still doesn't work check the outbound NAT. If it is set to automatic rule generation, there must be a rule for WAN interface with source = LAN subnet and Translation = WAN address.



  • @viragomann:

    Since it works on pfSense with WAN address, but not with LAN, it will not have something to do with DNS.

    The IPv4 Upstream gateway must be set to "None" at LAN interface!

    If it still doesn't work check the outbound NAT. If it is set to automatic rule generation, there must be a rule for WAN interface with source = LAN subnet and Translation = WAN address.

    Thanks. Gateway is set to none. I will look at NAT settings when I get home.



  • I have this exact same problem. Upstream gateway is set to none. Only outboud NAT rules are the two automatic rules generated, no idea what to do with them. Just want to get internet out of lans, is it that hard?


  • Netgate Administrator

    The OPs problem (back in 2016!) was that they disabled pf and that disables NAT entirely which they needed to get out.

    You should have a gateway defined on the WAN, you should not have a gateway defined on LAN.

    In General > Routing the default gateway will be set to automatic. That works for the vast majority of setups but you can set that to the WAN gateway to be sure. If you ever had more than one gateway defined it may have chose the wrong one.

    Steve


Log in to reply