• Hello Everyone!

    I would really appreciate your help. I've been searching this forum for posts related to my issue, since I saw there were some users with the same problem that I have. However, after following some steps from the best responses, I still can't find the solution.

    I'm using a desktop and
    I'm using pfSense with a virtual machine installed on it.

    The topology is as follows:
    I have 2 NICs.
    One goes to my cable/modem (WAN)
    One goes to a router (LAN)

    I've configured the LAN DHCP service in pfSense with the IP 10.10.10.x.
    Both connections are working fine on my desktop; there is an internet connection. I can send pings from both IP sources in pfSense with 0% packet loss (as seen in the image below).


    However, outside of the desktop, if I connect any kind of device to the router (smartphone, laptop, tablet, etc.) (with the LAN interface) there is no internet connection, even though the DHCP configurations are loading fine (subnets, mask, gateway, DNS).

    Am I missing something? Thanks, by the way!


    Apparently, I do have a connection between my desktop and the virtual machine (pfSense / gateway), since I can access the web GUI and send pings. I also have link communication with other devices inside the IP range provided by the DHCP server (a range which I changed from 10.10.10.x to 10.10.225.x).

    However, these devices do not have a connection to the gateway (pfSense) and vice versa. ;S Any clues?


  • Netgate Administrator

    So the desktop which does have a connection is also the VM host here?

    You have a router in between the pfSense VM and the failing devices, what is that doing? Is it actually routing? DHCP enabled?

    Do you see all the devices in Status > DHCP Leases in the GUI?

    It sounds like that router is the cause if it's really a router. I would put a switch in there or disable its routing features if it's a SOHO all-in-one style unit.


  • Hello Stephen.

    Thanks for your help so far!
    This is my topology (in a better graphic way).

    Basically, all the clients are being connected to the router, from which they get all the network parameters correctly (DNS, IP, gateway).

    From the desktop itself (which is hosting the virtual machine), I can ping all other clients and even the gateway ( but from the clients' side I cannot reach the gateway and vice versa (from pfSense to the clients), and therefore I don't have access to the internet.

    Here are the devices listed in the pfSense DHCP service

    I can reach the first one (since it's the desktop) but not the other 2.

    Thanks again!

  • Netgate Administrator

    Can you ping the desktop IP ( from the clients?

    It still looks like an issue with that router. Even in 'bridge mode' it could still be filtering. I'd try putting a switch in there instead or, if it's a SOHO device, using just the switch ports. What is it?


  • Hello Stephen.

    Yes, I can ping the desktop IP ( from all the clients without any issues.

    I'll try to get a switch; right now I don't have any available.

    In the meantime, is there any other approach that we could take?


  • Netgate Administrator

    If you can ping the VM host but not the VM that looks more like a problem with the virtual network configuration in the hypervisor.

    What exactly is the downstream router you have though?


  • Mmmmm, perhaps that might be the issue. In fact, this same topology and equipment was used before with an Untangle system (with the DHCP service activated) in a VM, without any problems. However, the configuration was all made by the wizard (just as with my current pfSense installation), so I can't quite tell if I'm missing some configuration, which I would think is the case.

    Right now in the virtual machine:
    NIC 1 is configured as a bridge to the WAN.
    NIC 2 is also configured as a bridge to the LAN.

    I'm using a Tenda N301 as a router.


  • Netgate Administrator

    Hmm, I would expect that to work.

    Check the firewall log in Status > System Logs > Firewall tab. Try to ping the LAN IP from a client. Check for entries.

    If that shows nothing try running a packet capture to see if they are even reaching the interface.


  • Hi Stephen.

    I really have to thank you for your time. The issue has been fixed.


    Well, the culprit and root cause was one of the NICs I was using (more specifically, the LAN NIC). For some reason that I really don't know yet, this NIC was not working properly (weird, because I had Internet on the host side and a connection between the host and the LAN clients), so after I changed the NIC for another one that I have, everything went really smoothly. No extra configurations apart from the wizard.

    Thank you!

  • Netgate Administrator

    I would suspect some hardware offloading not playing nicely.

    Things can get weird when you are testing from the host itself, as traffic does not actually enter/leave the NIC. It is not subject to the same path as traffic from external clients.