• PfSense 2.4.4-RELEASE-p2 (amd64) is virtualised and the WAN IP has become

    The ISP modem is bridges to pfSense.

    I have rebooted the modem and pfSense.

    The Internet worked fine for months, but now the pfSense WAN IP seems to be the problem. How to find the bridged modem’s DHCP lease if this is the issue?

  • You could try doing a packet capture on WAN and then run it through Wireshark and see exactly what's going on.

  • Add to what @KOM said :

    Your pfSense WAN interface isn't 'connected' to your ISP modem.
    Connected can be : physical using an RJ45 cable - and also virtual if you are using a VM and the interface declared WAN in the VM is really connected to a real NIC in your VM host so you can connect it to your modem.

  • @Gertjan Okay, I checked the VM host with VM pfSense running.
    vtnet0 is connected for WAN.
    vtnet1 is connected for LAN.

    I reboot the bridged modem and pfSense WAN shows
    After a minute the WAN IP is again?

  • Well, have someone checking the logs to see what happens on with that WAN interface.
    And do what @KOM said.

  • Okay, ran a packet capture from the vm pfSense > Diagnostics > Packet Capture > Interface: WAN.
    05:05:09.928504 ARP, Request who-has tell, length 46

  • LAYER 8 Global Moderator

    @eiger3970 said in No WAN IP:

    pfSense WAN shows

    192.168.100 is normally the network the cable modems dhcp server hands out when it doesn't have actual connection.

    When changing the device that is connected to a cable modem - you almost always need to power cycle the cable modem.. Make sure all the lights on the modem show it has a valid connection, then power up your pfsense or have it try and renew its lease.

    What your going to want to look for on you packet capture is dhcp traffic - set your port on your capture to 67

    If this is a VM, make sure whatever the host that controls that nic is not grabbing your IP from your ISP.

    What are you using for VM host? esxi? hyper-v, virtualbox ? etc. etc.

  • I ran the pfSense packet capture on pfSense’s WAN for port 67 and same results.

    I powered down the ISP bridged modem, shutdown the vm pfSense, turned on the ISP bridged modem, turned on the vm pfSense and same results.

    The vm pfSense is hosted in Proxmox.

    Not sure on checking the vm host dhcp management,
    The cm pfSense shows hardware (virtual network device).
    Network Device (net0) virtio=42:63:7C:E4:6C:E3,bridge=vmbr0
    Network Device (net1) virtio=A6:2D:D5:4F:6C:F3,bridge=vmbr1

  • LAYER 8 Global Moderator

    @eiger3970 said in No WAN IP:

    I ran the pfSense packet capture on pfSense’s WAN for port 67 and same results.

    So you never saw pfsense send out a discover? If so then no you would never get an IP, since you never asked for it.. When you say the same results - you mean you were seeing arps like you posted before?

  • Yes, same results as before, that is:
    05:05:09.928504 ARP, Request who-has tell, length 46

  • LAYER 8 Global Moderator

    And what is the mac on that - like I said you prob have another device on the network grabbing your IP... But if pfsense never sends a discover.. Then how would it ever get an IP?

  • The MAC ID on the pfSense:
    LAN VNIC is A6:2D:D5:4F:6C:F3.
    WAN VNIC is 42:63:7C:E4:6C:E3.

  • LAYER 8 Global Moderator

    Talking about in the arp see who 160.1 I have to assume that is your isp.. Was there any responses??? From what mac?

    Your saying when you sniff on your pfsense wan when trying to do a dhcp... All you ever see is some arp requests?

    If you never see a discover than no your isp is never going to hand you a IP..

    And again if you sniffed on wan for port 67, you wouldn't be seeing arp messages!!

    Here, I setup a capture on wan for port 67, I then when to status interfaces, wan and did a release renew.. You can see when I hit the renew it sent a request for a address, and bam the isp dhcpd responded..

    You do not see request, or discovers - then NO you would never get an IP... So saying your only seeing arps means you never even asked..


    If all your seeing is arps? Do you see responses??

  • @johnpoz
    I released and renewed the WAN, but no change.

  • LAYER 8 Global Moderator

    2 weeks dude... How can you still be dicking with this?

    And again - if you see no discover.. Then its not possible for you to get an IP.

    And again if you would of sniffed how I stated to you wouldn't be seeing arps!!

  • @johnpoz sorry, only have time every fortnight at the moment.

    Will reached the arps as per your suggestion.
    Not sure how to make it ‘discover’?

  • LAYER 8 Global Moderator

    dude your not sniffing correctly if you would not be seeing arps!! sniff UDP port 67..

    If your not seeing discover then NO your isp is never going to send you a dhcp address.. You sure your actual wan is set for dhcp!!

  • Ok, at location to test.
    Packet capture WAN port 67 UDP:
    01:46:30.629618 IP > UDP, length 300

    I see no discover, how do I make pfSense discover?

  • Ok, you want more info ?!
    What informing pfSense > Capture :


    The image shows the DHCP request, send by the DHCP Client.

    You saw the same thing, more condensed :

    @eiger3970 said in No WAN IP:

    01:46:30.629618 IP > UDP, length 300

    but my image chows a reply, the "ACK" that comes back from the DHCP server, an opstream router.

    Yours doesn't show any replies : your upstream router / DHCP server doesn't reply - doesn't exist - requests are blocked - whatever.

  • I connected the bridged ISP modem’s LAN cable to another device and Internet works.

  • @eiger3970 said in No WAN IP:

    I connected the bridged ISP modem’s LAN cable to another device and Internet works.

    One more thing to check : the WAN NIC on the pfSense device.

    Invert LAN and WAN during setup - console access - and retest.

    A pfSense can be hookup up after any (router or modem or something else) that has a DHCP server on it's LAN.
    pfSense, using DHCP client should and will receive an IP.

Log in to reply