Is UEFI Causing my issues with pfsense install??
-
I just installed the latest pfsense version on some hardware I just picked up. It has two Ethernet ports in the back that have separate addresses. I got the amd 64bit installed just fine and I setup the lan and WAN interfaces, however I am unable to connect to the via web gui, can't ping, etc… I can ping both ports from the pfsense machine itself, but that's just local and can't from anything on the actual network.
I have a comp. directly connected to the LAN port (confirmed LAN) and have configured the eth. connection on that comp to be in the same subnet etc... by manually assigning an address and related information. I've been wrestling with this all last night and this morning.
I even restored the everything to default settings several times and retired it. I just popped in a network card as to try something that wasn't onboard, but have yet to try it as I'm at work now.
Gigabyte GA-H77N-WIFI
Intel Core i3 3225https://ark.intel.com/products/65692/Intel-Core-i3-3225-Processor-3M-Cache-3_30-GHz
Here is the board: https://www.gigabyte.com/nl/Motherboard/GA-H77N-WIFI-rev-10#ov
I'm not sure what I'm overlooking here.
-
I was able to get the added NIC tested and it worked great, but I'd still like to figure out the onboard NIC/Ports figured out. Any idea why they wouldn't be working?
I did have issues with the gui going back to login every time I clicked on something and I didn't even need a password to get back in after that. Seems like a cert issue or something maybe. I'm not sure, but I've never seen anything like that.
The onboard NICS are RealTek 8168/8111. I'm guessing it HAS something to do with the BIOS somewhere, but have no idea what the deal is.
-
So pfSense 'sees' the re NICs and you can assign them?
Any errors in the boot log?
Do you see an active LINK on the NICs when you connect them? Link LEDs on the ports? Output of ifconfig?
Steve
-
I did have issues with the gui going back to login every time I clicked on something and I didn't even need a password to get back in after that. Seems like a cert issue or something maybe. I'm not sure, but I've never seen anything like that.
Disconcerting but perfectly normal. When u sign on to any website, they maintain your signon for some time do they not, otherwise it would be just annoying to re-enter your signon anytime you just wanto briefly step away from it. pFsense does have a default long time-out but this is configurable.
As for your NICs, I guess it's time to figure out how many NIC does FreeBSD saw during boot, time to look at the boot log. Doesn't hurt to look at BIOS if both ports are enabled.
-
NICs are recognized by pfsense, I can assign them, they have activity lights, but gosh I can NOT connect to them or ping them from something on the network when I connect the LAN to the network or if I connect it directly to a laptop. The NIC that I installed in the PCIe 3.0x slot worked great when I configured it, but I'd like to use the onboard NICs and have that as a backup if those ports ever fail (not as a failover, just extra hardware). The onboard NICs are both enabled in the BIOS, I double checked this. I thought maybe the ports were somehow tethered together and working in conjunction and therefore not be able to be assigned separately, but I couldn't find anything like this in the bios.
I'll get some more info when I'm at the machine again in about an hour or so.
The logout issue happened every time I clicked on any link in the WEBGUI. Unless the GUI timeout was 2 seconds, that couldn't be the issue there. I'll hop on another browser and see if it persists.
-
I have seen that logout issue happen if you're accessing the GUI via a port forward and have another firewall effectively sharing the IP.
There seem to be reports of successful installs on that board and also some reports of NIC issue but both older. If we can get the output of this from the command line it might help:
pciconf -lvSteve
-
Thanks everyone for pitching in on assistance. :) I'm on the requests now, just got back and am at the machine. It's a bit cumbersome to work on as it's stuffed in a closet at the moment.
-
Not the greatest, but it's hard to pull the info I suppose without ssh access or similar from another comp. I suppose I could maybe pull that on to a USB and copy it over here.
-
The logout issues happen when I try to restore a configuration from another machine. Once I hit restore and go to change the interfaces so they match and the vlans etc.. every single time I click on anything it goes back to the login screen and I don't have to even type anything and it'll go back in to the gui. I can't get any changes to stick though, so I can't struggle my way past that problem.
-
I've gotten the router fully functional and in the system with the NIC. I was able to restore all configurations from a different router on to this one with the newer updated software/version. I'm still at a loss on why the on board ports aren't working though.
Any ideas?
-
pciconf -lv
hostb0@pci0:0:0:0: class=0x060000 card=0x50001458 chip=0x01508086 rev=0x09 hdr=0x00 vendor = 'Intel Corporation' device = 'Xeon E3-1200 v2/3rd Gen Core processor DRAM Controller' class = bridge subclass = HOST-PCI pcib1@pci0:0:1:0: class=0x060400 card=0x50001458 chip=0x01518086 rev=0x09 hdr=0x01 vendor = 'Intel Corporation' device = 'Xeon E3-1200 v2/3rd Gen Core processor PCI Express Root Port' class = bridge subclass = PCI-PCI vgapci0@pci0:0:2:0: class=0x030000 card=0xd0001458 chip=0x01628086 rev=0x09 hdr=0x00 vendor = 'Intel Corporation' device = 'Xeon E3-1200 v2/3rd Gen Core processor Graphics Controller' class = display subclass = VGA xhci0@pci0:0:20:0: class=0x0c0330 card=0x50071458 chip=0x1e318086 rev=0x04 hdr=0x00 vendor = 'Intel Corporation' device = '7 Series/C210 Series Chipset Family USB xHCI Host Controller' class = serial bus subclass = USB none0@pci0:0:22:0: class=0x078000 card=0x1c3a1458 chip=0x1e3a8086 rev=0x04 hdr=0x00 vendor = 'Intel Corporation' device = '7 Series/C216 Chipset Family MEI Controller' class = simple comms ehci0@pci0:0:26:0: class=0x0c0320 card=0x50061458 chip=0x1e2d8086 rev=0x04 hdr=0x00 vendor = 'Intel Corporation' device = '7 Series/C216 Chipset Family USB Enhanced Host Controller' class = serial bus subclass = USB hdac0@pci0:0:27:0: class=0x040300 card=0xa0021458 chip=0x1e208086 rev=0x04 hdr=0x00 vendor = 'Intel Corporation' device = '7 Series/C216 Chipset Family High Definition Audio Controller' class = multimedia subclass = HDA pcib2@pci0:0:28:0: class=0x060400 card=0x50011458 chip=0x1e108086 rev=0xc4 hdr=0x01 vendor = 'Intel Corporation' device = '7 Series/C216 Chipset Family PCI Express Root Port 1' class = bridge subclass = PCI-PCI pcib3@pci0:0:28:4: class=0x060400 card=0x50011458 chip=0x1e188086 rev=0xc4 hdr=0x01 vendor = 'Intel Corporation' device = '7 Series/C210 Series Chipset Family PCI Express Root Port 5' class = bridge subclass = PCI-PCI pcib4@pci0:0:28:5: class=0x060400 card=0x50011458 chip=0x1e1a8086 rev=0xc4 hdr=0x01 vendor = 'Intel Corporation' device = '7 Series/C210 Series Chipset Family PCI Express Root Port 6' class = bridge subclass = PCI-PCI pcib5@pci0:0:28:6: class=0x060400 card=0x50011458 chip=0x1e1c8086 rev=0xc4 hdr=0x01 vendor = 'Intel Corporation' device = '7 Series/C210 Series Chipset Family PCI Express Root Port 7' class = bridge subclass = PCI-PCI ehci1@pci0:0:29:0: class=0x0c0320 card=0x50061458 chip=0x1e268086 rev=0x04 hdr=0x00 vendor = 'Intel Corporation' device = '7 Series/C216 Chipset Family USB Enhanced Host Controller' class = serial bus subclass = USB isab0@pci0:0:31:0: class=0x060100 card=0x50011458 chip=0x1e4a8086 rev=0x04 hdr=0x00 vendor = 'Intel Corporation' device = 'H77 Express Chipset LPC Controller' class = bridge subclass = PCI-ISA ahci0@pci0:0:31:2: class=0x010601 card=0xb0051458 chip=0x1e028086 rev=0x04 hdr=0x00 vendor = 'Intel Corporation' device = '7 Series/C210 Series Chipset Family 6-port SATA Controller [AHCI mode]' class = mass storage subclass = SATA none1@pci0:0:31:3: class=0x0c0500 card=0x50011458 chip=0x1e228086 rev=0x04 hdr=0x00 vendor = 'Intel Corporation' device = '7 Series/C216 Chipset Family SMBus Controller' class = serial bus subclass = SMBus em0@pci0:1:0:0: class=0x020000 card=0x115e8086 chip=0x105e8086 rev=0x06 hdr=0x00 vendor = 'Intel Corporation' device = '82571EB Gigabit Ethernet Controller' class = network subclass = ethernet em1@pci0:1:0:1: class=0x020000 card=0x115e8086 chip=0x105e8086 rev=0x06 hdr=0x00 vendor = 'Intel Corporation' device = '82571EB Gigabit Ethernet Controller' class = network subclass = ethernet re0@pci0:3:0:0: class=0x020000 card=0xe0001458 chip=0x816810ec rev=0x06 hdr=0x00 vendor = 'Realtek Semiconductor Co., Ltd.' device = 'RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller' class = network subclass = ethernet re1@pci0:4:0:0: class=0x020000 card=0xe0001458 chip=0x816810ec rev=0x06 hdr=0x00 vendor = 'Realtek Semiconductor Co., Ltd.' device = 'RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller' class = network subclass = ethernet iwn0@pci0:5:0:0: class=0x028000 card=0x40628086 chip=0x08878086 rev=0xc4 hdr=0x00 vendor = 'Intel Corporation' device = 'Centrino Wireless-N 2230' class = network
-
ifconfig
em0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 options=4009b <rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,vlan_hwtso>ether 00:15:17:3d:9c:0a hwaddr 00:15:17:3d:9c:0a inet6 fe80::215:17ff:fe3d:9c0a%em0 prefixlen 64 scopeid 0x1 inet 192.168.1.112 netmask 0xffffff00 broadcast 192.168.1.255 nd6 options=21 <performnud,auto_linklocal>media: Ethernet autoselect (100baseTX <full-duplex>) status: active em1: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 options=5009b <rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,vlan_hwfilter,vlan_hwtso>ether 00:15:17:3d:9c:0b hwaddr 00:15:17:3d:9c:0b inet6 fe80::215:17ff:fe3d:9c0b%em1 prefixlen 64 scopeid 0x2 inet 192.168.5.1 netmask 0xffffff00 broadcast 192.168.5.255 nd6 options=21 <performnud,auto_linklocal>media: Ethernet autoselect (100baseTX <full-duplex>) status: active re0: flags=8802 <broadcast,simplex,multicast>metric 0 mtu 1500 options=8209b <rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_magic,linkstate>ether 90:2b:34:d8:db:b7 hwaddr 90:2b:34:d8:db:b7 nd6 options=21 <performnud,auto_linklocal>media: Ethernet autoselect (none) status: no carrier re1: flags=8802 <broadcast,simplex,multicast>metric 0 mtu 1500 options=8209b <rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_magic,linkstate>ether 90:2b:34:d8:db:c7 hwaddr 90:2b:34:d8:db:c7 nd6 options=21 <performnud,auto_linklocal>media: Ethernet autoselect (none) status: no carrier lo0: flags=8049 <up,loopback,running,multicast>metric 0 mtu 16384 options=600003 <rxcsum,txcsum,rxcsum_ipv6,txcsum_ipv6>inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5 inet 127.0.0.1 netmask 0xff000000 nd6 options=21 <performnud,auto_linklocal>groups: lo enc0: flags=0<> metric 0 mtu 1536 nd6 options=21 <performnud,auto_linklocal>groups: enc pflog0: flags=100 <promisc>metric 0 mtu 33160 groups: pflog pfsync0: flags=0<> metric 0 mtu 1500 groups: pfsync syncpeer: 224.0.0.240 maxupd: 128 defer: on syncok: 1 em1.2: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 options=3 <rxcsum,txcsum>ether 00:15:17:3d:9c:0b inet6 fe80::215:17ff:fe3d:9c0b%em1.2 prefixlen 64 scopeid 0x9 nd6 options=21 <performnud,auto_linklocal>media: Ethernet autoselect (100baseTX <full-duplex>) status: active vlan: 2 vlanpcp: 0 parent interface: em1 groups: vlan ovpnc1: flags=8051 <up,pointopoint,running,multicast>metric 0 mtu 1500 options=80000 <linkstate>inet6 fe80::215:17ff:fe3d:9c0a%ovpnc1 prefixlen 64 scopeid 0xa inet 10.19.10.6 --> 10.19.10.5 netmask 0xffffffff nd6 options=21 <performnud,auto_linklocal>groups: tun openvpn Opened by PID 7940</performnud,auto_linklocal></linkstate></up,pointopoint,running,multicast></full-duplex></performnud,auto_linklocal></rxcsum,txcsum></up,broadcast,running,simplex,multicast></promisc></performnud,auto_linklocal></performnud,auto_linklocal></rxcsum,txcsum,rxcsum_ipv6,txcsum_ipv6></up,loopback,running,multicast></performnud,auto_linklocal></rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_magic,linkstate></broadcast,simplex,multicast></performnud,auto_linklocal></rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_magic,linkstate></broadcast,simplex,multicast></full-duplex></performnud,auto_linklocal></rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,vlan_hwfilter,vlan_hwtso></up,broadcast,running,simplex,multicast></full-duplex></performnud,auto_linklocal></rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,vlan_hwtso></up,broadcast,running,simplex,multicast>
-
I assume there was nothing connected at that time? Link state shows down for both re NICs.
You have hardware offloading enabled which can be an issue with Realtek especially. Make sure it is all disabled in System > Advanced > Networking.
Steve
-
Thank! I'll take a look at that option.
I have nothing assigned or hooked up to the realtek ports.
I have the router fully operational on the intel ports. That was a breeze for the most part. How could I test the realtek ports with my current setup without having to dump the existing configuration?
Could I simply assign a realtek port a LAN and static IP and see if I can connect to the machine that way?
-
TBH forget about the Realtek ports, they will likely cause issues. Best thing is to disable them in the BIOS, if you can.
-
Mmm, that's probably the least hassle course of action.
Yes, you can just re-assign an interface to one of them.
Steve
-
Sounds good. I'll forget about them and disable them in the bios. I just figured it would be nice to utilize the onboard ones and then have the pcie slot open for future expansion of who knows what or to use pcie NIC as a backup when/if the realtek ones died.
