[SOLVED] No access to webGUI on fresh install
-
Hello!
I'm new to pfsense and am not a system administrator, so I learn as I go.
So I was messing with pfSense trying to configure WAN, with trials and errors, and at some point found myself locked out of webGUI (no VLANs, no certs, no anything special). I had no idea how that happened, so I've just reinstalled pfSense from scratch. But that didn't help!
ATM I'm out of ideas.I have a fresh pfSense install. Hardware is fine and was working already.
My HW setup is dead simple for now: pfSenseRouter > LAN > MyPC. WAN disconnected.
After install I've only assigned interfaces (didn't work, so) then set IP adress manually for LAN to 192.168.1.1, subnet mask 24, DHCP range to 192.168.1.100 - 192.168.1.255, disabled IPv6 DHCP. I guess it was exactly the initial config. pfSense said me I can now open https://192.168.1.1 to access. I also got:WAN (wan) -> re0 ->
LAN (lan) -> re1 -> v4: 192.168.1.1/24There is link-up when I connect the cable and LEDs are blinking.
But I've got no access (no response, just timed out) from LAN. I've already tried another PC, no difference.What am I doing wrong? And how can I debug that? TIA.
**[UPDATE] SOLUTION:0. Make sure you don't use same MACs for pfSense and your PC (happened because of spoofing, persistent even after reinstall)
1. Use hardware MACs instead of arbitrary ones, atleast for some Realtec NICs like mine, otherwise they can go wild…** -
First, make sure you are actually connecting to re1.
If you use menu option 8 there and connect the port you can type this:
ifconfig re1
You should see something like this:
re1: flags=8a43 <up,broadcast,running,allmulti,simplex,multicast>metric 0 mtu 1500
options=bb <rxcsum,txcsum,vlan_mtu,vlan_hwtagging,jumbo_mtu,vlan_hwcsum>ether 00:08:a2:0c:c7:f7
hwaddr 00:08:a2:0c:c7:f7
inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255
inet6 fe80::1:1%re1 prefixlen 64 scopeid 0x2
media: Ethernet 2500Base-KX <full-duplex>status: active
nd6 options=21 <performnud,auto_linklocal>If that status says this:status: no carrier
you are not connected to re1, or at least there is no carrier.
Type exit to get back to the menu.</performnud,auto_linklocal></full-duplex></rxcsum,txcsum,vlan_mtu,vlan_hwtagging,jumbo_mtu,vlan_hwcsum></up,broadcast,running,allmulti,simplex,multicast>
-
First, make sure you are actually connecting to re1.
If you use menu option 8 there and connect the port you can type this:
ifconfig re1
You should see something like this:
re1: flags=8a43 <up,broadcast,running,allmulti,simplex,multicast>metric 0 mtu 1500
options=bb <rxcsum,txcsum,vlan_mtu,vlan_hwtagging,jumbo_mtu,vlan_hwcsum>ether 00:08:a2:0c:c7:f7
hwaddr 00:08:a2:0c:c7:f7
inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255
inet6 fe80::1:1%re1 prefixlen 64 scopeid 0x2
media: Ethernet 2500Base-KX <full-duplex>status: active
nd6 options=21 <performnud,auto_linklocal>If that status says this:status: no carrier
you are not connected to re1, or at least there is no carrier.
Type exit to get back to the menu.</performnud,auto_linklocal></full-duplex></rxcsum,txcsum,vlan_mtu,vlan_hwtagging,jumbo_mtu,vlan_hwcsum></up,broadcast,running,allmulti,simplex,multicast>
Yes, I'm actually connected, got very similar output. Everything looks fine: same "inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255" and "status: active". I've tried another port too, there's no attempt to connect.
-
Have to chalk it up to realtek nonsense then. Sorry.
Unless you want to set something up to do packet captures and see what's really going on. If you know how, great. Not something to talk you through doing here.
-
Have to chalk it up to realtek nonsense then. Sorry.
Unless you want to set something up to do packet captures and see what's really going on. If you know how, great. Not something to talk you through doing here.
Wow. But it was working. Unbelievable! And yes, it is realtek, 2 NICs on MB. Argh.
Sure I want to debug that further, I've spent $200 on that thing.
I'm a little familiar with wireshark, but not much.
Can you give some insight of what I need to look for?
Any useful info appreciated. -
….
My HW setup is dead simple for now: pfSenseRouter > LAN > MyPC.Make that : pfSense (NIC : re1) <=> switch <=> YourPC.
And triple check cables like : do they works else where ?Also : check the dmesg log. Type dmesg in the console and plug and unplug the network cable and dmesg again. can you see the event ?
-
Does your pc get its IP from dhcp on pfsense? If not then you have a basic connectivity problem.
If your getting dhcp from pfsense but just can not get to the webgui..
You can sniff on your pc do you see the arp go out for the IP? Get an answer, and then send Syn to correct IP and mac when you try and connect to the webgui on your browser. Could be like your browser is trying to use a proxy that it can not get to.
-
….
My HW setup is dead simple for now: pfSenseRouter > LAN > MyPC.Make that : pfSense (NIC : re1) <=> switch <=> YourPC.
And triple check cables like : do they works else where ?Also : check the dmesg log. Type dmesg in the console and plug and unplug the network cable and dmesg again. can you see the event ?
Tried that (with switch) - same. Surprisingly, that was going to be my second question, because earlier when webGUI was working and I was trying to make WAN work, that switch was what helped me to atleast get ip from ISP's DHCP… (maybe MDI-MDI-X thing?)
Checked the cables too. They are new and OK.
Checked dmesg, and yes, I can see link up / down events every time.
Does your pc get its IP from dhcp on pfsense? If not then you have a basic connectivity problem.
If your getting dhcp from pfsense but just can not get to the webgui..
You can sniff on your pc do you see the arp go out for the IP? Get an answer, and then send Syn to correct IP and mac when you try and connect to the webgui on your browser. Could be like your browser is trying to use a proxy that it can not get to.
Seems yes, it gets IP 192.168.1.101, according to "ipconfig -all"
…Will try that. I'm having temporary problems with wireshark - not starting, likely needs MSVC redist, which fails to install too. Will take some more time I guess.
I was really using proxy (selectively), but disabling it did nothing. Also tested in 2 more browsers. No luck. -
"not starting, likely needs MSVC redist, which fails to install too."
Sounds like your machine the problem if you ask me… Been using wireshark for YEARS... On hundreds of machines have never had an issue getting it to install..
"I was really using proxy "
Use a good machine, maybe boot a linux live CD or something ;)
-
"not starting, likely needs MSVC redist, which fails to install too."
Sounds like your machine the problem if you ask me… Been using wireshark for YEARS... On hundreds of machines have never had an issue getting it to install..
"I was really using proxy "
Use a good machine, maybe boot a linux live CD or something ;)
I actually managed to get wireshark packet capture from my linux machine, but now I don't get it. It looks to me like DHCP is actually doing its job (Discover>Offer>Request>ACK), but then something goes wrong… I keep investigating. Might be my PC, but both, and same on Windows? Too strange,
Attaching the capture... Here router was running, then shut down, then booted again. I commented these moments in file.
-
So you see 2 times where you see a discover, offer, request and ACK.. Which seems odd..
But even after your client has gotten a lease and arping for pfsense 192.168.1.1 tell .100, you see no arp response.. So yeah the client is not going to be able to talk to pfsense if he can not arp for the mac of 192.168.1.1
You need to figure out why pfsense is not answering the ARP.. Is pfsense seeing the ARP? Sniff on pfsense under diagnostic, packet capture..
Those arps that ask tell 0.0.0.0 are ODD… But there are arps where says to tell .100
edit: here I did a release and renew on my client, and then you see it arp and get a response for pfsense IP .253 in my setup.
-
So you see 2 times where you see a discover, offer, request and ACK.. Which seems odd..
But even after your client has gotten a lease and arping for pfsense 192.168.1.1 tell .100, you see no arp response.. So yeah the client is not going to be able to talk to pfsense if he can not arp for the mac of 192.168.1.1
You need to figure out why pfsense is not answering the ARP.. Is pfsense seeing the ARP? Sniff on pfsense under diagnostic, packet capture..
Those arps that ask tell 0.0.0.0 are ODD… But there are arps where says to tell .100
edit: here I did a release and renew on my client, and then you see it arp and get a response for pfsense IP .253 in my setup.
Yeah, I see…
Do that "tell 0.0.0.0" even have any meaning, I wonder...
"under diagnostic, packet capture.. " Funny)
I've had to format my usb to fat32 then use
$ mount_msdosfs /dev/da0s1 /mnt $ tcpdump -vv -i re1 >> /mnt/sniffAttaching… (haven't got a time to dig through yet. Renamed to .pcap so I can upload, but wireshark don't like it somehow)
-
that is not how you would write a tcpdump to a pcap file.. That is going to be nothing more tha a text file..
20:31:07.211227 IP6 (hlim 1, next-header Options (0) payload length: 36) :: > ff02::16: HBH (rtalert: 0x0000) (padn) [icmp6 sum ok] ICMP6, multicast listener report v2, 1 group record(s) [gaddr ff02::1:fff4:349 to_ex { }] 20:31:07.298230 IP (tos 0x0, ttl 64, id 45485, offset 0, flags [none], proto UDP (17), length 379) 0.0.0.0.bootpc > 255.255.255.255.bootps: [udp sum ok] BOOTP/DHCP, Request from 4c:cc:6a:b7:ee:75 (oui Unknown), length 351, xid 0xc8ab475, Flags [none] (0x0000) Client-Ethernet-Address 4c:cc:6a:b7:ee:75 (oui Unknown) Vendor-rfc1048 Extensions Magic Cookie 0x63825363 DHCP-Message Option 53, length 1: Discover Client-ID Option 61, length 19: hardware-type 255, 6a:b7:ee:75:00:01:00:01:21:f4:6d:96:4c:cc:6a:b7:ee:75 SLP-NA Option 80, length 0"" MSZ Option 57, length 2: 1472 Vendor-Class Option 60, length 54: "dhcpcd-6.11.5:Linux-4.14.15-1-ARCH:x86_64:GenuineIntel" Hostname Option 12, length 2: "SU" T145 Option 145, length 1: 1 Parameter-Request Option 55, length 15: Subnet-Mask, Classless-Static-Route, Static-Route, Default-Gateway Domain-Name-Server, Hostname, Domain-Name, MTU BR, NTP, Lease-Time, Server-ID RN, RB, Option 119 20:31:07.298452 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.1.100 tell pfSense.localdomain, length 28 20:31:07.631455 IP (tos 0x0, ttl 64, id 29334, offset 0, flags [none], proto UDP (17), length 379) 0.0.0.0.bootpc > 255.255.255.255.bootps: [udp sum ok] BOOTP/DHCP, Request from 4c:cc:6a:b7:ee:75 (oui Unknown), length 351, xid 0x7b4c61f0, Flags [none] (0x0000) Client-Ethernet-Address 4c:cc:6a:b7:ee:75 (oui Unknown) Vendor-rfc1048 Extensions Magic Cookie 0x63825363 DHCP-Message Option 53, length 1: Discover Client-ID Option 61, length 19: hardware-type 255, 6a:b7:ee:75:00:01:00:01:21:f4:6d:96:4c:cc:6a:b7:ee:75 SLP-NA Option 80, length 0"" MSZ Option 57, length 2: 1472 Vendor-Class Option 60, length 54: "dhcpcd-6.11.5:Linux-4.14.15-1-ARCH:x86_64:GenuineIntel" Hostname Option 12, length 2: "SU" T145 Option 145, length 1: 1 Parameter-Request Option 55, length 15: Subnet-Mask, Classless-Static-Route, Static-Route, Default-Gateway Domain-Name-Server, Hostname, Domain-Name, MTU BR, NTP, Lease-Time, Server-IDWhere did you sniff that.. Well pfsense is not answering the arp..
20:32:03.034667 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has pfSense.localdomain tell 192.168.1.100, length 46
20:32:04.049569 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has pfSense.localdomain tell 192.168.1.100, length 46
20:32:05.062824 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has pfSense.localdomain tell 192.168.1.100, length 46
20:32:08.051965 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has pfSense.localdomain tell 192.168.1.100, length 46
20:32:09.062594 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has pfSense.localdomain tell 192.168.1.100, length 46
20:32:10.075960 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has pfSense.localdomain tell 192.168.1.100, length 46
20:32:13.056866 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has pfSense.localdomain tell 192.168.1.100, length 46
20:32:14.075830 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has pfSense.localdomain tell 192.168.1.100, length 46
20:32:15.089126 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has pfSense.localdomain tell 192.168.1.100, length 46
20:32:18.061863 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has pfSense.localdomain tell 192.168.1.100, length 46
20:32:19.062338 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has pfSense.localdomain tell 192.168.1.100, length 46
20:32:20.075565 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has pfSense.localdomain tell 192.168.1.100, length 46
20:32:23.066783 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has pfSense.localdomain tell 192.168.1.100, length 46
20:32:24.075509 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has pfSense.localdomain tell 192.168.1.100, length 46
20:32:25.088866 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has pfSense.localdomain tell 192.168.1.100, length 46
20:32:28.409154 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has pfSense.localdomain tell 192.168.1.100, length 46
20:32:29.435329 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has pfSense.localdomain tell 192.168.1.100, length 46
20:32:30.448618 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has pfSense.localdomain tell 192.168.1.100, length 46Are you doing any vlans are these packets tagged? You could use -e with tcpdump to see if tagged.
-
that is not how you would write a tcpdump to a pcap file.. That is going to be nothing more tha a text file..
20:31:07.211227 IP6 (hlim 1, next-header Options (0) payload length: 36) :: > ff02::16: HBH (rtalert: 0x0000) (padn) [icmp6 sum ok] ICMP6, multicast listener report v2, 1 group record(s) [gaddr ff02::1:fff4:349 to_ex { }] 20:31:07.298230 IP (tos 0x0, ttl 64, id 45485, offset 0, flags [none], proto UDP (17), length 379) 0.0.0.0.bootpc > 255.255.255.255.bootps: [udp sum ok] BOOTP/DHCP, Request from 4c:cc:6a:b7:ee:75 (oui Unknown), length 351, xid 0xc8ab475, Flags [none] (0x0000) Client-Ethernet-Address 4c:cc:6a:b7:ee:75 (oui Unknown) Vendor-rfc1048 Extensions Magic Cookie 0x63825363 DHCP-Message Option 53, length 1: Discover Client-ID Option 61, length 19: hardware-type 255, 6a:b7:ee:75:00:01:00:01:21:f4:6d:96:4c:cc:6a:b7:ee:75 SLP-NA Option 80, length 0"" MSZ Option 57, length 2: 1472 Vendor-Class Option 60, length 54: "dhcpcd-6.11.5:Linux-4.14.15-1-ARCH:x86_64:GenuineIntel" Hostname Option 12, length 2: "SU" T145 Option 145, length 1: 1 Parameter-Request Option 55, length 15: Subnet-Mask, Classless-Static-Route, Static-Route, Default-Gateway Domain-Name-Server, Hostname, Domain-Name, MTU BR, NTP, Lease-Time, Server-ID RN, RB, Option 119 20:31:07.298452 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.1.100 tell pfSense.localdomain, length 28 20:31:07.631455 IP (tos 0x0, ttl 64, id 29334, offset 0, flags [none], proto UDP (17), length 379) 0.0.0.0.bootpc > 255.255.255.255.bootps: [udp sum ok] BOOTP/DHCP, Request from 4c:cc:6a:b7:ee:75 (oui Unknown), length 351, xid 0x7b4c61f0, Flags [none] (0x0000) Client-Ethernet-Address 4c:cc:6a:b7:ee:75 (oui Unknown) Vendor-rfc1048 Extensions Magic Cookie 0x63825363 DHCP-Message Option 53, length 1: Discover Client-ID Option 61, length 19: hardware-type 255, 6a:b7:ee:75:00:01:00:01:21:f4:6d:96:4c:cc:6a:b7:ee:75 SLP-NA Option 80, length 0"" MSZ Option 57, length 2: 1472 Vendor-Class Option 60, length 54: "dhcpcd-6.11.5:Linux-4.14.15-1-ARCH:x86_64:GenuineIntel" Hostname Option 12, length 2: "SU" T145 Option 145, length 1: 1 Parameter-Request Option 55, length 15: Subnet-Mask, Classless-Static-Route, Static-Route, Default-Gateway Domain-Name-Server, Hostname, Domain-Name, MTU BR, NTP, Lease-Time, Server-IDWhere did you sniff that.. Well pfsense is not answering the arp..
20:32:03.034667 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has pfSense.localdomain tell 192.168.1.100, length 46
20:32:04.049569 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has pfSense.localdomain tell 192.168.1.100, length 46
20:32:05.062824 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has pfSense.localdomain tell 192.168.1.100, length 46
20:32:08.051965 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has pfSense.localdomain tell 192.168.1.100, length 46
20:32:09.062594 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has pfSense.localdomain tell 192.168.1.100, length 46
20:32:10.075960 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has pfSense.localdomain tell 192.168.1.100, length 46
20:32:13.056866 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has pfSense.localdomain tell 192.168.1.100, length 46
20:32:14.075830 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has pfSense.localdomain tell 192.168.1.100, length 46
20:32:15.089126 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has pfSense.localdomain tell 192.168.1.100, length 46
20:32:18.061863 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has pfSense.localdomain tell 192.168.1.100, length 46
20:32:19.062338 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has pfSense.localdomain tell 192.168.1.100, length 46
20:32:20.075565 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has pfSense.localdomain tell 192.168.1.100, length 46
20:32:23.066783 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has pfSense.localdomain tell 192.168.1.100, length 46
20:32:24.075509 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has pfSense.localdomain tell 192.168.1.100, length 46
20:32:25.088866 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has pfSense.localdomain tell 192.168.1.100, length 46
20:32:28.409154 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has pfSense.localdomain tell 192.168.1.100, length 46
20:32:29.435329 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has pfSense.localdomain tell 192.168.1.100, length 46
20:32:30.448618 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has pfSense.localdomain tell 192.168.1.100, length 46Yeah, sure. I meant I just added ".pcap" so I can upload it here, forum limitation.
Well, I guess You are right… I sniffed on pfsense.
And...hm... Do you have any suggestions?
-
Are you tagging traffic.. Only reason I could think that would not answer would be if its tagged so it not going to answer or something.
What switch do you have between, is your pc directly connected to the interface? Can you post the output of ifconfig on pfsense.
-
Are you tagging traffic.. Only reason I could think that would not answer would be if its tagged so it not going to answer or something.
What switch do you have between, is your pc directly connected to the interface? Can you post the output of ifconfig on pfsense.
No, it's direct connection. I tried using switch too, no luck… There was one interesting effect before though, not sure if it's related, but when it was working (I used to have access to webGUI from LAN) - WAN was not working, not getting ip from ISP's DHCP, and I managed to "fix" this with switch. I thought it was related either with MDI/MDI-X autodetection feature (most likely) or just power(very unlikely). When I was connecting just directly to WAN there was no light at all. I guess this will be my second problem if I'll fix current, because I need that switch for some more reasonable use)
Here it goes: (LAN connected to PC directly, WAN disconnected)
re0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 options=8209b <rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_magic,linkstate>ether fc:aa:14:2f:18:cf hwaddr fc:aa:14:2f:18:cf inet6 fe80::feaa:14ff:fe2f:18cf%re0 prefixlen 64 scopeid 0x1 nd6 options=23 <performnud,accept_rtadv,auto_linklocal>media: Ethernet autoselect (none) status: no carrier re1: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 options=8209b <rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_magic,linkstate>ether 4c:cc:6a:b7:ee:75 hwaddr 4c:cc:6a:b7:ee:75 inet6 fe80::4ecc:6aff:feb7:ee75%re1 prefixlen 64 scopeid 0x2 inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255 nd6 options=21 <performnud,auto_linklocal>media: Ethernet autoselect (1000baseT <full-duplex,master>) status: active lo0: flags=8049 <up,loopback,running,multicast>metric 0 mtu 16384 options=600003 <rxcsum,txcsum,rxcsum_ipv6,txcsum_ipv6>inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3 inet 127.0.0.1 netmask 0xff000000 nd6 options=21 <performnud,auto_linklocal>groups: lo enc0: flags=0<> metric 0 mtu 1536 nd6 options=21 <performnud,auto_linklocal>groups: enc pflog0: flags=100 <promisc>metric 0 mtu 33160 groups: pflog pfsync0: flags=0<> metric 0 mtu 1500 groups: pfsync syncpeer: 224.0.0.240 maxupd: 128 defer: on syncok: 1</promisc></performnud,auto_linklocal></performnud,auto_linklocal></rxcsum,txcsum,rxcsum_ipv6,txcsum_ipv6></up,loopback,running,multicast></full-duplex,master></performnud,auto_linklocal></rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_magic,linkstate></up,broadcast,running,simplex,multicast></performnud,accept_rtadv,auto_linklocal></rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_magic,linkstate></up,broadcast,running,simplex,multicast> -
Just ditch the realteks. They are done.
-
Dude how does your machine have the same mac address as your pfsense lan interface?
Never going to work!!! Should of noticed that in the sniff first, look at your dhcp stuff its all from same mac to what looks like itself.
-
Dude how does your machine have the same mac address as your pfsense lan interface?
Never going to work!!! Should of noticed that in the sniff first, look at your dhcp stuff its all from same mac to what looks like itself.
Holy shell! Thank you!
It seems that it somehow persisted even after reinstall and I was changing it before to my router's, at least that's what I was thinking…
Well, need to find how to change it now) My current router is working like nightmare, loading pages for minutes, literally.
-
I had skimmed over your question for the arps tell 0.0.0.0 I mentioned which you have a lot of in that sniff.
Since no answers.. Client is resorting to asking anybody out there - hey router/switches do you know this IP… what is its mac??
So you did a mac spoof on pfsense, or you changed the mac on your machine? You could reverse your nics as quick fix.. So you put the mac on the other L2, this would allow you to get to your LAN and the web gui from your machine. And your ISP would most likely give you the IP your machine was getting before if connected to the modem, etc.
But yeah in the long term I would correct that.. Another quick fix if the original mac was lost - is just change it to something else that you don't have a duplicate of ;)