[SOLVED] LAN2 machine can only ping, cannot resolve
-
Hello,
I am very new to pfSense, and am trying to understand how it works before putting it into prod. I have installed pfSense 2.4 in a vm, and I assigned 3 nics to it : WAN, LAN100 and LAN200 (opt1). Those virtual nics are on 3 separate networks.
LAN100 : 192.168.100.0/24
machine1 : 192.168.100.101/24LAN200 : 192.168.200.0/24
machine2 : 192.168.200.100/24machine1 can reach out to the internet, no problem here.
When adding the LAN200 interface, I created 2 firewall rules to LAN200, based on those of LAN100 (automatically generated).
The NAT Outbound rule is set to automatic mode, and I can see that LAN200 has been added.
My problem is that machine2 cannot resolve anything at all. Its nameservers are 8.8.8.8 and 8.8.4.4, which it can ping. But it would seem that the firewall is blocking everything else.
What am I doing wrong?
Thanks for any idea
-
Post your rules so someone can see what you've done.
-
So you are saying you can ping 8.8.8.8 but cannot resolve www.google.com when trying to ping www.google.com?
This sounds like a DNS Resolver/Forwarder issue to me. Which one are you using, DNResolver or DNS Forwarder?
But keep in mind, I'm a newb too. But man, I love all of the stuff you can do with pfSense.
ThatGuy
-
I fixed the problem, which has to do with the virtual networking system. On virtualbox, the above issue does not happen. However, it does on kvm – and I found the solution on the Proxmox wiki :
https://pve.proxmox.com/wiki/PfSense_Guest_Notes
In the pfSense GUI: System > Advanced > Networking and flag Disable hardware checksum offload.
Now every machine on LAN2 can ping and resolve, port forwarding to those machines work, and all my virtual networks behave as expected.
