[SOLVED] New sg-2220 setup - Cant reach internet
-
Spent the larger part of today trying to get our new sg-2220 up and running with minimal (no?) progress. The issue is that after running through the initial setup wizard, neither my lan devices or the pfsense itself are able to reach the internet. The issue originally revealed itself when I wasn't able to get any type of dns resolution, but after ssh'ing in to the pfsense I realized that i couldn't even ping out to google or any other dns servers via ip (8.8.8.8, 4.2.2.1, etc.)
My setup is pretty straight forward. At this point I have my ISP cable model box connected to the pfsense wan port, and at this point just my laptop connected to the lan port. Eventually it will go to a Netgear wireless router but figure this should be worked out first :)
The cable modem has a 4 port switch, and I've tried moving around to different ports. Keep in mind I had another server connected to the internet through these ports without issue.
WAN port is statically configured. I am reusing an IP that I had configured on a previous server. I bounced the cable modem afterward to clear any potential arp issues.
On the LAN side I left it with the default 192.168 setup.
Under general setting I set first and second DNS servers to 8.8.8.8 and 4.2.2.1 and bound them to the WANGW. I also tried without selecting the WANGW but it did not help.
I've tried enable DNS Forwarder and DNS Resolver individually with no luck. Have also tried with both disabled.
Outside of the above I can't think of anything else that I have adjusted. I've compared the WAN interface configuration with my other servers and the settings are the same.
I've glanced at the firewall rules but not made any changes, and although this is my first time looking at rules like this, it appears that out of the box the setup should allow my lan clients to reach the internet. This tells me to keep looking at the WAN interface config but I can't see anything that's wrong.
Anyone have any ideas?
Thanks in advance!
-
I suspect there is going to be some memory somewhere upstream of the MAC address of the server that was previously using what is now the WAN IP.
Try to ping the WAN gateway IP. If that does not work, then there is some local hardware/cabling/ARP issue. -
I suspect there is going to be some memory somewhere upstream of the MAC address of the server that was previously using what is now the WAN IP.
Try to ping the WAN gateway IP. If that does not work, then there is some local hardware/cabling/ARP issue.Thanks Phil. I'm not able to ping the gw. I replaced the WAN cable with a known working one. Took the cable modem offline for several minutes before powering back on. I'm looking at the pfsense logs to see if maybe I have a nic issue on the new pfsense device.
When I log into the cable modem interface it does see the pfsense connected to it.
-
Posting my interface status in case there is some basic config there that I'm missing. Does IPv6 need to be enabled/disabled?
Also, confirmed via status page the WANGW is offline.
-
That all looks fine, the IPv4 routing/ping/… should work fine without any IPv6 settings, or with broken IPv6 settings. I assume the WAN GW IP is in the same subnet (8 address subnet in your case) as the pfSense WAN IP.
I guess the WAN GW is actually some device at the ISP and the cable modem is just in bridge mode. If that is so, then you have no way to "reset/power-cycle" the actual WAN GW device.
If you can find out the MAC address of the server that used to be at WAN IP, then set that as the MAC address of the WAN interface. That should certainly trick the upstream WAN GW into finding its way back to you. Or by the time we have chatted a bit in this thread the WAN GW device will time out its ARP cache, and then learn the "new" MAC address of pfSense WAN interface. -
Well, a quick call to the ISP sorted it out. I was using the wrong gateway.
(facepalm)
What I haven't looked into is why my other two servers are working, albeit still going through the incorrect gateway.
Thanks for the help!