Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    New install - cannot access internet websites

    Problems Installing or Upgrading pfSense Software
    2
    2
    735
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • L
      LivItWell
      last edited by

      Here is another unable to access internet websites problem.  I am completely new with pfSense, but this is a very basic setup.  I am going out of town tomorrow, was hoping to resolve before.  I've searched the forums and tried many things for multiple weekends, but still not working.  I've also reset pfSense to factory defaults and verified basics were set correctly.  At the point I think I need to reinstall.

      I can successfully ping public IPs/sites and dns lookup public sites from WAN and LAN interfaces and Windows client on LAN.  When I attempt to access any internet site the IE / Chrome browsers response is check internet connection.  Firewall log shows 100% blocks from incoming unknown public IPs.  What is interesting is nothing shows in the log for outgoing requests every time I try to access any internet website.

      Internet | Comcast ISP /cable modem | pfSense | LAN
      Verified internet | cable modem works by connecting a Windows laptop to the modem.

      Details:
      pfSense 2.3.1 (not update 5) full install amd64 from memstick on SUPERMICRO SYS-5018A-FTN4 1U.
      I am not running virtual. No extra packages installed.

      Interfaces:
      Only WAN and LAN interfaces enabled.
      WAN blocks private and bogon. LAN does not block these.
      WAN set to DHCP and gets valid public IP with /24 mask, uses ISP DNS servers.  LAN uses default 192.168.1.1/24

      Gateway:
      WAN IPv4 gateway assigned to WAN interface and set as default.  LAN has no gateway assigned.
      I disabled IPv6 on WAN int. & gateway while troubleshooting. First tried while enabled.
      WAN IPv4 Gateway has online status.  Note: the gateway public IP does not respond to pings/blocked by ISP so I use one of the ISP's DNS server as monitor IP

      Firewall and NAT:
      Firewall rules are using default.  LAN allows any to any on any.
      NAT is set to Automatic Outbound NAT.

      Thank you for any guidance with resolving this issue!

      1 Reply Last reply Reply Quote 0
      • P
        phil.davis
        last edited by

        So ICMP (ping) works and DNS also works (port 53 UDP/TCP) but ordinary web-browsing does not work (TCP port 80 and 443).
        If there is traffic coming back from your browser actions that is being blocked then that means the states are somehow not being created (or not created right) when the initiating browser request packets go out through pfSense.

        Your description of all your settings sounds fine and should "just work".

        Do some packet capture to know exactly what packets are received on LAN, sent out WAN, and what comes back in to WAN. That will at least make you confident in what flows where and how far.

        Then when you are really stuck, post screenshots of settings, as there must be something odd that you have accidentally done.

        As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
        If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.