[SOLVED] BT Infinity connected but no internet



  • I have connected my BT Business Hub (in bridge mode for BT Infinity) to my pfSense box.

    When setting up the WAN connection for BT, I set it as PPPoE and entered in the business login details. I know they are correct as I called BT and asked for the details.

    pfSense shows an uptime and there is an IP address associated with the wan connection that takes you to the pfSense login.

    The problem is that I get no internet connection.

    What am I doing wrong?



  • Pfsense -> Diagnostic -> Ping 8.8.8.8, if successful, ISP is online, something wrong with your configuration(s).

    Can't Internet oftentimes suggests the absence of the GATEWAY parameter on the IP setting, IP dolled out.



  • @SammyWoo:

    Pfsense -> Diagnostic -> Ping 8.8.8.8, if successful, ISP is online, something wrong with your configuration(s).

    Can't Internet oftentimes suggests the absence of the GATEWAY parameter on the IP setting, IP dolled out.

    Ill try that in the morning :)

    Hopefully its that simple.



  • @SammyWoo:

    Pfsense -> Diagnostic -> Ping 8.8.8.8, if successful, ISP is online, something wrong with your configuration(s).

    Can't Internet oftentimes suggests the absence of the GATEWAY parameter on the IP setting, IP dolled out.

    Right, pinging 8.8.8.8 works. No packet loss.

    Please see the image bellow for the settings I have.



  • If ping from FW works, it means the ISP is up and FW is able to "get out."

    The next thing u should do is, at your PC, I assume Windows, do a IPCONFIG /ALL, GATEWAY should be the IP of the FW, this is configured under DHCP.

    Any other PC/laptop work, just this PC is broke?



  • @SammyWoo:

    If ping from FW works, it means the ISP is up and FW is able to "get out."

    The next thing u should do is, at your PC, I assume Windows, do a IPCONFIG /ALL, GATEWAY should be the IP of the FW, this is configured under DHCP.

    Any other PC/laptop work, just this PC is broke?

    Default Gateway is blank.



  • U didn't answer my other question.  If other PC/laptops are having the same prob then your DHCP server is configured wrong. It could be the DNS setting.

    So that you don't get confused, the 172 GATEWAY above refers to the WAN gateway, that seems fine, your problem is the LAN GATEWAY.



  • @SammyWoo:

    U didn't answer my other question.  If other PC/laptops are having the same prob then your DHCP server is configured wrong. It could be the DNS setting.

    So that you don't get confused, the 172 GATEWAY above refers to the WAN gateway, that seems fine, your problem is the LAN GATEWAY.

    Sorry, yes this affects every machine connected to the firewall.

    I should mention that the BT internet is a fail over and the main internet is virgin media (which is working fine).

    Do you need screenshots of any of my other settings?

    This is my DCHP settings page:



  • Oh sorry am not familiar with a failover configuration.  All I know is, whatever the configuration should be, once you fail-over, you lost the LAN GATEWAY.



  • @SammyWoo:

    Oh sorry am not familiar with a failover configuration.  All I know is, whatever the configuration should be, once you fail-over, you lost the LAN GATEWAY.

    So With only the BT connection enabled, I am able to ping and trace route google from pfsense. I also added a static route for 9.9.9.9 which pings and trace routes as it should. However I cant get web pages to load on a connected pc.

    When I ping google from my windows pc I get Host Unreachable.


  • Netgate Administrator

    To correctly configure Multi-WAN you need to make a few changes.

    Configure a gateway group.

    Set firewall rules to make sure your LAN side clients are using that group.

    Switch to the DNS forwader or use the Resolver in forwarding mode. (or using default gateway switching)

    Make sure you have DNS servers defined on both gateways in System > General setup.

    https://doc.pfsense.org/index.php/Multi-WAN

    How much of that have you done?

    Steve



  • @stephenw10:

    To correctly configure Multi-WAN you need to make a few changes.

    Configure a gateway group.

    Set firewall rules to make sure your LAN side clients are using that group.

    Switch to the DNS forwader or use the Resolver in forwarding mode. (or using default gateway switching)

    Make sure you have DNS servers defined on both gateways in System > General setup.

    https://doc.pfsense.org/index.php/Multi-WAN

    How much of that have you done?

    Steve

    I have a gateway group. Virgin Media is Tier 1 and BT is Tier 2 and set to Packet Loss or High Latency.

    The IPv4 LAN rule is set to use that group.

    I have ticked the box to enable the DNS Forwarder. Not really sure about what else to do on this page. I have selected BT as the interface. Is there anything else I need to do for this page?

    Both are set to use Google's DNS servers.


  • Netgate Administrator

    You need to have at least one DNS server defined on each WAN so DNSmasq will still have a valid upstream server when one WAN is down.

    Do you see the failover group show the gateway status correctly when you are testing in Status > Gateways?

    Can we see your LAN rules?

    'Host unreachable' implies it was able to resolve google.com but no replies came back. Can you ping google.com from the fireewall in Diag > Ping if you select the BT WAN as source?

    Steve



  • @stephenw10:

    You need to have at least one DNS server defined on each WAN so DNSmasq will still have a valid upstream server when one WAN is down.

    Do you see the failover group show the gateway status correctly when you are testing in Status > Gateways?

    Can we see your LAN rules?

    'Host unreachable' implies it was able to resolve google.com but no replies came back. Can you ping google.com from the fireewall in Diag > Ping if you select the BT WAN as source?

    Steve

    So for DNS I have Couldflare ( 1.1.1.1 & 1.0.0.1 ) for Virgin Media and Google ( 8.8.8.8 & 8.8.4.4 ) for BT.

    I see the gateway group, however it says the the BT line is offline.

    LAN Rules - https://imgur.com/M9fiR2L

    I am able to ping using the BT source:

    BT Ping Results:

    PING www.google.co.uk (216.58.198.67) from 86.185.168.183: 56 data bytes
    64 bytes from 216.58.198.67: icmp_seq=0 ttl=54 time=15.289 ms
    64 bytes from 216.58.198.67: icmp_seq=1 ttl=54 time=15.089 ms
    64 bytes from 216.58.198.67: icmp_seq=2 ttl=54 time=15.070 ms
    
    --- www.google.co.uk ping statistics ---
    3 packets transmitted, 3 packets received, 0.0% packet loss
    round-trip min/avg/max/stddev = 15.070/15.149/15.289/0.099 ms
    

  • Netgate Administrator

    Ok you probably need to change the monitoring IP on the BT gateway. Their internal devices with private IPs often don't respond to ping.
    Since you're using Google DNS on that gateway already try setting it to 8.8.8.8.

    Steve



  • @stephenw10:

    Ok you probably need to change the monitoring IP on the BT gateway. Their internal devices with private IPs often don't respond to ping.
    Since you're using Google DNS on that gateway already try setting it to 8.8.8.8.

    Steve

    Right, I have set the monitor IP to 8.8.8.8 and the gateway now shows as online.

    I wont be able to test if I can get internet with it till the morning, so for now I can only hope this works!


  • Netgate Administrator

    You can test it against a single client by adding a firewall rule to pass traffic from just that one IP at the top of the LAN list and setting it's gateway to the BT WAN directly.

    Steve



  • @stephenw10:

    You can test it against a single client by adding a firewall rule to pass traffic from just that one IP at the top of the LAN list and setting it's gateway to the BT WAN directly.

    Steve

    Thanks that worked!


Log in to reply