Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    No internet on OPT1

    NAT
    3
    12
    2487
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      shubakas last edited by

      Hello
      I installed pfsense with the following configuration :

      IP box : 192.168.0.254
      IP WAN : 192.168.0.253 with Gateway 192.168.0.254
      LAN : 192.168.27.254
      OPT1 : 192.168.28.1

      (DHCP server actived on LAN and OP1, it's ok).

      I want to separate the LAN from OPT1 (we should not be able to access pfsense or the box from opt1).

      I have internet on the LAN but not on opt1.

      What did not I do for it to work please?

      Thank you

      1 Reply Last reply Reply Quote 0
      • Derelict
        Derelict LAYER 8 Netgate last edited by

        Be sure you have the following on OPT1, or at least available to the clients on OPT1:

        DHCP Server
        DNS Server
        Firewall Rules blocking or passing the desired traffic
        Outbound NAT

        Chattanooga, Tennessee, USA
        The pfSense Book is free of charge!
        DO NOT set a source port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 0
        • S
          shubakas last edited by

          DHCP server and DNS it's ok.

          On the firewall outbound i choose AON et i can see :
          WAN SOURCE 192.168.28.0/24 PORT DESTINATION 500 WAN ADRESS
          and the same but it's a "*" and not 500 in port destination

          Firewall i have no rules, i don't know which rules create.

          thank for your help

          1 Reply Last reply Reply Quote 0
          • Derelict
            Derelict LAYER 8 Netgate last edited by

            You need rules that pass or block the desired/undesired traffic from OPT1 hosts.

            Start by putting the default rule as found on LAN but adjusted for OPT1.

            Chattanooga, Tennessee, USA
            The pfSense Book is free of charge!
            DO NOT set a source port in a port forward or firewall rule unless you KNOW you need it!
            Do Not Chat For Help! NO_WAN_EGRESS(TM)

            1 Reply Last reply Reply Quote 0
            • S
              shubakas last edited by

              I put the same 2 rules as the LAN on OPT1 but I can not create the rule ANTI LOCKOUT RULE (port 443-80).
              I don't think it's the cause of the problem.

              I don't see what to do  :-[

              1 Reply Last reply Reply Quote 0
              • Derelict
                Derelict LAYER 8 Netgate last edited by

                Post your rules.

                https://doc.pfsense.org/index.php/Connectivity_Troubleshooting

                Chattanooga, Tennessee, USA
                The pfSense Book is free of charge!
                DO NOT set a source port in a port forward or firewall rule unless you KNOW you need it!
                Do Not Chat For Help! NO_WAN_EGRESS(TM)

                1 Reply Last reply Reply Quote 0
                • S
                  shubakas last edited by


                  The name "BLEU" is "OPT1"

                  1 Reply Last reply Reply Quote 0
                  • Derelict
                    Derelict LAYER 8 Netgate last edited by

                    Your rules are not just like the LAN rules. They are TCP-only. Change them to protocol any.

                    What are those three alerts in the upper right corner?

                    Chattanooga, Tennessee, USA
                    The pfSense Book is free of charge!
                    DO NOT set a source port in a port forward or firewall rule unless you KNOW you need it!
                    Do Not Chat For Help! NO_WAN_EGRESS(TM)

                    1 Reply Last reply Reply Quote 0
                    • S
                      shubakas last edited by

                      Thaaaaaaaankssssss !!!!!
                      it was "ANY" and not "TCP"

                      Perfect !!!

                      The 3 alerts came from a bad old configutaion dhcp.

                      Thank you Derelict !!

                      1 Reply Last reply Reply Quote 0
                      • S
                        shubakas last edited by

                        Sorry but now, i want add a web filter on OPT1 only.

                        I installed Squid and Squidguard, I followed tutorials but how to assign filtering on OPT1 ??

                        Thanks

                        1 Reply Last reply Reply Quote 0
                        • KOM
                          KOM last edited by

                          Start a new thread in the Cache/Proxy forum.

                          1 Reply Last reply Reply Quote 0
                          • S
                            shubakas last edited by

                            Ok thanks

                            1 Reply Last reply Reply Quote 0
                            • First post
                              Last post