No internet access (Gateway offline?)
-
Hi everyone,
I am a noob that setup an old pc into a pfsense router but ive been struggling for days to get my internet working on any of the computers.
Error:
When I connect the pfsense router and go to my computer then in cmd window I do ipconfig /flushdns, ipconfig /release and ipconfig /renew. Then I try to load internet browser and it doesn't work. I run the windows troubleshooter and it will say: "the default gateway is not available"
Physical setup:
ISP Modem -> PFSense Router -> 8 port switch (Connected to the 8 port switch are computers and my windows 2012 r2 server)
Network setup:
I am at home running a windows domain network. My server is running windows server 2012 r2 and the server is the DC, DHCP and DNS server. (Server is connected to my 8 port switch)
PFSense Settings:
DNS Servers
127.0.0.1
64.59.150.137
64.59.144.91Interfaces
WAN 1000baseT <full-duplex,master>, IPv4 address = 50.68.165.142, ipv4 upstream gateway = WAN_Gateway 50.68.164.1, ipv4 config type = static IPv4
LAN 1000baseT <full-duplex>192.168.0.66
Both have a green arrow pointing upwardsGateways
WAN_Gateway 50.68.164.1
Status is RED COLOR AND OFFLINETraffic Graphs
WAN - In/Out are both 0Kbps
LAN - In/Out = 4/2 KbpsClient PC settings (after connecting pfsense router, and doing ipconfig /flushdns, /release and /renew)
ipv4 address: 192.168.0.56 (preferred)
subnet Mask: 55.255.255.0
default gateway: 192.168.0.1
DHCP Server: 192.168.0.2
DNS Servers: 192.168.0.2, 192.168.0.1
DHCP Enabled: YesMy Server & ISP WAN Settings:
windows server 2012
static ip: 192.168.0.2
subnet: 255.255.255.0
default gateway: 192.168.0.1
preferred dns: 192.168.0.2
alternate dns: 192.168.0.1ISP Modem
WAN IP: 50.68.165.142 / 22
WAN Subnet: 255.255.252.0
WAN Default gateway: 50.68.164.1
WAN DNS Primary: 64.59.144.91
WAN DNS Secondary: 64.59.150.137Other details:
- On the pfsense computer console, I can ping everything including: WAN and LAN IPs, my windows server 2012 pc, client pcs
- On my client pcs, I can ping: LAN interface (192.168.0.66) and CANNOT PING: WAN interface (50.68.165.142)
- On my client pcs, I can use my internal domain network normally. I can access my server files, and remote desktop connect (RDP) to my server and to other client pcs.
- Cannot access internet
- I've disabled DHCP services on the pfsense gui
If you need any other details I will provide them asap.
If anyone could offer me some guidance I would be extremely grateful and I can stop pulling my hair out!
Thank you!</full-duplex></full-duplex,master>
-
First off,
You have your clients pointing to a default gateway that doesn't exist… 192.168.0.1. Either change the LAN interface of pfSense to that IP address, or change the default gateway of your clients to point to 192.168.0.66 (The current LAN of pfSense).
If the WAN gateway is showing offline, that means your WAN interface is unable to successfully ping its gateway address. The gateway could possibly be filtering ICMP echo requests, so narrow the problem down, head to system > routing and edit your WAN gateway, change the monitor IP to 8.8.8.8 or 8.8.4.4 (google public DNS). If the gateway still shows offline, you have a problem upstream.
-
Thanks so much bjaffe! I'll try that right now and get back with the results.
-
Okay, i've changed my lan interface to 192.168.0.1. My ISP Modem address is also 192.168.0.1 is that causing any conflict? When I visit 192.168.0.1 it use to bring up my shaw hitron gui but now it brings up the pfsense gui. I assume I can change my shaw hitron IP address though.
I've also changed my WAN gateway monitor IP to: 8.8.4.4 and the status of the gateway is still red and offline :( I tried 8.8.8.8 as well in the monitor IP with the same result.
What does this mean?
-
Ahh.. it looks like your WAN interface on pfSense is set to static, it needs to be DHCP unless you're paying for a static IP specifically with your ISP, and your modem needs to be in "bridged" mode if you want pfSense to be your edge firewall. This will pass the WAN IP through the modem right to the pfSense WAN IP. The modem itself won't have a public IP assignment this way.
-
Okay, I've changed my WAN interface to DHCP. Although, I'm not 100% sure what to enter into the new fields: for now, I left "Hostname" blank and entered: 50.68.165.142 into the "alias ipv4 address" field and 22 into the "/" field.
It then auto created a new WAN gateway entry:
interface: WAN
address family: IPv4
Gateway: DynamicThis new WAN gateway entry status all on "PENDING" and the gateway service won't start anymore. When I press "start service" icon, it tries for 5-10 seconds then goes back to the "start service" icon. :(
-
Ah, i think I see what you mean with regards to my modem. I have to set an IP passthrough on it for my pfsense router
-
shaw is helping me bridge my modem! ill see what happens after that! They were orignally going to give me a 2nd ip address for ip passthrough but this was better easier they said.
-
Woot, I got it working after shaw setup my modem to bridged mode. Thank you so much for your help and patience bjaffe. Wish there was a tip function so I could compensate
-
Always here to help. You can always hit the "thank you" button on the post that solves you problem, it gives +karma :)
-
done!
-
@techgeek055 can you tell me how you did it? i face the same problem though i got live ips from the service provider, the ping is working fine. do i need to change the monitor DNS to the google?