New Install of pfsense, L3 managed switch with vlans, no internet

  • Hello,

    I'm new to pfsense. I installed a dockerized version of pfsense 2.4.4 p1 on my unRaid server. The docker has exclusive use of a 4 port Intel ethernet card (so no bridging).

    My network topology is as follows:

    internet----ISP modem (bridge mode) PPPOe---pfsense---LAN( /30)----Cisco 3560e switch ( 2).

    The switch has been handling all of my dhcp duties. I currently have 6 vlans configured on the switch, with interVLAN routing working.

    Vlan 10 --
    Vlan 20 --
    Vlan 30 -- etc...

    Vlan 66 -- TRANSIT

    I have configured pfsense as per this thread:


    I know the WAN shows as down here. I have to keep changing my configuration to re-establish my internet connection. I have two modems--one which is configured the "normal way", bypassing pfsense, and the second that is set in bridge mode and runs through pfsense.



    After two weeks of fussing with this, I was finally able to ping from both the pfsense box and my cisco switch. However, I still cannot get an internet connection.

    All interVLAN routing is working. I can ping from any vlan to any other vlan. I can ping the default gateway, and I can ping the pfsense box at

    My route of last resort in the cisco is set to

    I'm missing something obvious. I think it may be dhcp or dns related, but I don't know enough about networks to be sure.

    Any help would be greatly appreciated.

  • LAYER 8 Netgate

    What are the firewall rules on the transit interface of pfSense?

  • [attached image]


    These are the only firewall rules that are configured.

  • LAYER 8 Netgate

    Those WAN pass any rules are almost certainly not what you want. Dangerous.

    Outbound NAT?

  • [attached image]

  • LAYER 8 Netgate

    Looks fine. Going to have to apply some basic network troubleshooting skills to see what is not working.

  • I noticed that the source under NAT says local host ( Would this be true even if you are running pfsense as a virtual machine?

    Yeah, I know that the WAN rules are too open. I just wanted something for testing.

  • LAYER 8 Netgate

    Where in NAT? Outbound?

    Yes, it is perfectly normal to apply outbound NAT to localhost addresses and whether or not it is a VM has nothing to do with anything.