PFSENSE couldnt get WAN ip from modem



  • Dear Team,  i have installed pfsense firewall version 2.3.5 yesterday ,  situation is my pfsense ssetup is  >ISP > MODEM > PFSENSE FIREWALL > CISCO SWITCH > ALL OTHER DEVICES  prooblem is pfsense coul detecct LAN interface automatically but unable to recognise WAN interface ip as well as i am able to ping 127.0.0.1 and default gateway of assigned LAN ip 192.168.1.1 apart from it i am unable to ping DNS 8.8.8.8 as well as locally with ip ranging from 192.168.1.5 to 192.168.1.253 which was assigned by me in basic pfsense setup .  can any one please help me in this issue .  Thank you



  • Did you reboot the modem from your ISP after connecting it to your pfSense WAN interface?



  • yeah !  then also WAN interface is not detected automatically could you help me in this case



  • There are lots of reasons why this could be failing, but you're not giving us enough information to help you.  In general, please provide as much information as possible, even if you don't think it's relevant.

    What type of internet connection to you have?

    Has this internet connection worked with other firewalls/routers?

    Is the modem hooked directly to your pfSense machine via ethernet or is a switch involved?

    Have you tested this with known good network cables?

    Please tell us what hardware you're using, and in particular, what kind of network interface cards you have?

    The more information the better…



  • we have broadband cable modem with type DHCP ,

    yes from cable modem to laptop directly it worked , where as in case if i try from  cable modem to pfsesne firewall its not pinging by default gateway of cable modem as well as DNS server of google 8.8.8.8 ping request also failed

    But from pfsense LAN interface when i connect to LAPTOP directly i can access pfsense web gui.

    cable modem is directly hooked to pfsense WAN interface later from pfsense LAN interface i am trying to connect to switch

    yes , i have tested with good working condition RJ 45 cable

    i am using "hp thin client t5740" as pfsense firewall in my setup

    i do have one WAN interface card in t as well as two LAN interface card in it.

    please try to help me in this .



  • OK.

    When you connect your laptop directly to the ISP Router, it works. What is the LAN IP address of he ISP Router?



  • When i try to connect my Laptop directly to ISP Modem it works fine i can able to ping default GW 192.168.1.251 and DNS server 8.8.8.8, Apart from it the LAN ip is 192.168.1.197



  • And that is why pfSense does not work.

    By default PFSense sets it's LAN network to the 192.168.1.* range, you cannot have that range on both the LAN and WAN interfaces.

    You need to go back to the shell menu of pfSense,Option 2, and change the LAN address and DHCP range to 192.168.2.*



  • just a moment am  working on it , thanks for this information i like it



  • hey despite of changing pfsense LAN ip to 192.168.2.* i cant access it in web gui (pfsense) from the system comming under cisco switch connection

    cable modem (192.168.1.251)> pfsense (192.168.2.1)> cisco switch(smart switch) > other system.(192.168.1.*)

    from above i am unable to access pfsense web gui from systems under cisso switch(managed one).



  • I said, connect directly to pfSense from your Laptop, where did I say to go via the Cisco switch?

    Can you connect to pfSense when connected directly from the LAN port of pfSense to your Laptop, YES OR NO?



  • yes , i can directly connect pfsense with LAN port of laptop i get DNS server as 192.168.2.1 and IP V4 of laptop as 192.168.2.2 , Here 192.168.2.1 is the LAN ip assigned in shell prompt of pfsense .



  • Good. Now connect the WAN port of pfSense to the ISP router.



  • yeah , did as directed but WAN ip is not detecting automatically as well as i couldn't ping 8.8.8.8 DNS server of google from laptop command prompt ?



  • OK, leave the WAN connected, and go into the pfSense Web interface, What does it show as the IP address of the WAN interface?



  • hi ,

    sorry for delay .No IP is detected its empty in the WAN interface field.


  • Netgate Administrator

    Does it show the WAN interface as UP? (green arrow)

    Can we see a screenshot from Status > Interfaces.

    Steve



  • no WAN interface is in RED



  • Dude…why are you opening multiply thread on the same exact issue...that's a big turn off!

    Onto the subject at hand...sounds to me some conflict going on with your cable modem and might need to be in bridge mode.



  • should i need to change any settings over there ?


  • Netgate Administrator

    A screenshot of the WAN from Status > Interfaces would be very helpful here. Please try to get that.

    If the interface shows the red 'down' arrow though that implies it's not even connected. I would look for a link issue, perhaps a bad cable or speed/duplex mismatch. That assumes your WAN is Ethernet directly though, if it's PPP of some sort there may be other issues. The screenshot would tell us all that.

    Steve


  • Netgate Administrator

    I see in fact you did post a screenshot in one of the other threads you opened. I re-attached it here.

    That shows what looks to be a working connection. The WAN is linked, UP and has a valid IP.

    It seems like you are trying to put the cable router in modem mode to bridge the PPP connection yes?

    Steve




  • yes but public ip is not detected in wan interface i don't know why


  • Netgate Administrator

    If it's showing a private IP on the WAN like in that screenshot it's because the ISP supplied modem/router is not passing it through. Instead is it running a dhcp server and giving pfSense a lease from that.

    If it's a PPPoE connection you will need to configure the 'modem' to run is modem or bridge mode and then configure the PPPoE connection on the pfSense WAN.

    Steve



  • yeah i tried  to login to modem gw 192.168.1.251 for PPPoE configuration but i am unable to login to url with this gateway ip

    can please share me how to configure PPPoE configuration steps

    Thank you



  • @rangarajan:

    can please share me how to configure PPPoE configuration steps

    Your device that is hooked up to your cable/phoneline/Coax incoming wire should be put into pure "modem" mode. In that case it just 'translates' info from one line - the incoming connection, to packets that flow over an Ethernet cable to pfSense.
    This Ethernet cable should be put into the WAN interface. PPPOE should be activated on this WAN (pfSense)  interface, and you probably have to enter some credentials (logion + password : transmitted to you by your ISP - this same info is present now in your router device, so it can enable the conenction).

    Everything depends on the instructions given to you by your ISP (their support web site, FAQ, etc)  - you haven't said anything about that part, so we don't know nothing about that.



  • Dear Team

    i here by explaning the despite of making cable modem to bridge mode also am unable to get WAN ip details in pfsense

    whether i should configure ppp0e in cable modem or in pfsense firewall am not clea in this point

    |
                                                cablemodem(192.168.1.251)
                                                  |
                                              pfsense firewall(wan - 192.168.1.223) ,(lan - 192.168.2.1)
                                                  |
                                                cisco switch (smart one)
                                                |
                                                pc (192.168.2.2)

    here am able to access the internet but issue is publi ip is not detected in wan interface of pfsense , here i have attached interface and other details in screenshots

    please help me






  • IF your "cable modem" was really working in "modem" mode, it had no notion of "IP" (it's just transforming electric signals from one wire to another), and pfSene would actually have a 'real' WAN IP on it's WAN interface.
    But, right now, you are using DHCP-client on the WAN interface, which means it's asking for an IP. Somehow, a DHCP server is still running on your modem … and it gives a 'local' IP ( 192.168.1.251 ) to pfSEnse.

    Btw : the fact that you have a working Internet connection is a pretty solid prove that you have a router-after-router setup now. So your modem isn't functioning in "modem" mode at all.

    When I was using the box my ISP gave me, I had to put it in Modem or PPPOE mode. I had to chose pppoe mode on the WAN interface on pfSEnse, and enter a lgin and password, and I had a real WAN like "82.127.34.254" on the pfSense WAN interface.

    Why do you keep the DHCP-client activated on the WAN ? Is this per ISP instructions ?

    Today, with my new router that is hooked up to my VDSL phone line in front of pfSense has to be a router - "modem" mode isn't possible. A classic "router-after-router" setup.
    Not really a big deal for :
    he.net (for my IPv6) works.
    The DyNDNS service still works
    I have to double NAT for some IPv4 port, but I don't care, it works.

    Again : check out with your ISP how to change your device into a pure modem device - we can't help you with that.

    Edit: Removed link and merged the topics. Steve



  • Dear Team,

    i am able to access internet via pf sense firewall but only issue is public IP is not detected in wan interface of pf sense firewall despite of changing my cable modem to bridge mode also nothing worked .please help me in this


  • Netgate

    Typical Cable Modem procedure:

    Unplug WAN port from cable modem

    Set WAN port to DHCP

    Do whatever you need to do to get the cable "modem" into bridge mode.

    Reboot the cable modem and let it sync up.

    Connect the WAN port to the cable modem.

    In the USA, all cable modems are naturally in bridge mode. Some unlucky folks have routers with a built-in cable modem and the router portion is what actually has to be put into bridge mode. Your particular circumstance there is actually a better topic for your ISP's forum than here if you want a more specific answer.

    In some cases the ISP has made the brain-dead decision to lock down the MAC address it will serve on the customer side. Rebooting often clears that, but sometimes a call to the ISP is necessary and, in extreme cases, spoofing the MAC on the WAN interface might be necessary.


  • Netgate Administrator

    Please stop opening new threads about exactly the same issue. We are trying to help you but you are just making it harder by having multiple forum users duplicating the troubleshooting.

    You need to put your ISP modem/router in modem or bridged mode and then change the pfSense WAN to be type PPPoE with the appropriate credentials.

    The modem may still be accessible using its internal address but as Gertjan said when it's configured correctly you will not have internet access using DHCP on WAN.

    Steve



  • As I have not seen this mentioned and at the risk you will start another thread (against forum rules)..

    Maybe the FreeBSD drivers for your particular interface no longer exist in the newer versions.  Try changing your interfaces around and see if your WAN connects then.

    You will need to console in for this.

    Im done!