Why so hard to get pfsense to works?



  • Hi i normaly use Asus\netgear as ruter, but try to use PFsense to see if it works better, but i have lot of issue to get Ipv6 and connect to web to works, its look like it get disconected, so what is needed to get internet to works?

    Why did pfsense dont have browser? Or GUI? its have be better if it give examples of ip adress or why its not works? Should it works with Mellanox ConnectX-2?


  • LAYER 8 Global Moderator

    Its not... You pretty much turn it on - follow the bouncing ball and your up in running like 2 minutes tops..

    Without details of what issue your specifically having.. Its impossible to help you..

    Maybe you have better luck if you ask your questions in your native language section?
    https://docs.netgate.com/pfsense/en/latest/install/installing-pfsense.html



  • I get ip adress, but how to check internet from Pfsense? its look like its have issue to get update?
    Because from client (windows 10\linux) i get limited or no connection to internet.

    Its a way to start GUI based boot?
    Why is not UEFI added?

    *** Welcome to pfSense 2.4.4-RELEASE (amd64) on pfSense ***
     WAN (wan)       -> em0        -> v4/DHCP4: 172.21.16.38/24
     WAN (lan)       -> em1        -> v4: 192.168.1.1/24
    
     0) Logout (SSH only)                  9) pfTop
     1) Assign Interfaces                 10) Filter Logs
     2) Set interface(s) IP address       11) Restart webConfigurator
     3) Reset webConfigurator password    12) PHP shell + pfSense tools
     4) Reset to factory defaults         13) Update from console
     5) Reboot system                     14) Disable Secure Shell (sshd)
     6) Halt system                       15) Restore recent configuration
     7) Ping host                         16) Restart PHP-FPM
     8) Shell
    
    Enter an option:
    

    I also get like this one, but how to check if internet works from pfsense?



  • hit 8

    Then from a prompt ping 8.8.8.8

    Type exit to get back to the menu

    Can you ping 192.168.1.1 from the pc ?



  • @NogBadTheBad

    Yes i get connection to pfsense router menu, but not internet, get issue with ping also, no reply.
    So how did you point from one card to other? Bridge connection or port forward?



  • "WAN (wan) -> em0 -> v4/DHCP4: 172.21.16.38/24"

    Errr what is your pfSense router connected to upstream?



  • Its other switch, that is connected to a modem.
    Ip adress is not correct, its only a example, but its on other range. more like example 80.99.99.1
    I have issue with ipv6 also, on my router its do this by self but pfsense did i need to select ipv6 adress, its hard, because if i select wrong its did not works.



  • If you connect a PC to the switch the other side of the pfsense router do you have internet access ?



  • @NogBadTheBad no i get DNS_PROBE_FINISHED_NO_INTERNET

    But i have access to go to 192.168.1.1 so ping works.



  • @lmh1 said in Why so hard to get pfsense to works?:

    DNS_PROBE_FINISHED_NO_INTERNET

    From the router is DNS resolving ?

    Type in host google.com

    Actually ignore that you said a ping to 8.8.8.8 fails.


  • LAYER 8 Netgate

    Did you completely restart whatever this "modem" is?



  • Yes, its also works with firmware updates, its say is not pfsense update available.
    so its most be connection from one card to other that is the issue.


  • LAYER 8 Netgate

    Anyway, as has been said, pfSense works out-of-the-box with a DHCP WAN and 192.168.1.1/24 on LAN with a DHCP server. It requires no special configuration.

    Can you ping whatever DHCP is giving you as the default gateway from the firewall?



  • i found out that reset to factory default works. So that fix it.

    But how safe is pfsense with lastest update compared with merlin build or other asus\netgear router?
    If pfsense more safe or not? how did you find networks attack?


  • Netgate Administrator

    It's as safe as you configure it to be.

    By default it blocks all incoming connections and allows all outgoing connections. That's what most firewalls do. pfSense is safer, IMO, than most soho devices as it does not have UPnP enabled by default. I've never used a Merlin firmware so I couldn't tell you about that.

    Steve



  • But did Pfsense have 4g mobile hotswop?
    Because i find it hard to add camera, printer download manager, devices list, its may possible to get it, but still hard to find it?

    Is it possible to add wireless (Mainboard) e.g asrock Fatal1ty X470 Gaming-ITX/ac.
    because i use asus ac66u now as wireless accesspoint.



  • Hi,

    I understood this part :
    @lmh1 said in Why so hard to get pfsense to works?:

    because i use asus ac66u now as wireless accesspoint.

    I'm using myself several AP's to host the Captive portal, using by my clients.

    But this :
    @lmh1 said in Why so hard to get pfsense to works?:

    But did Pfsense have 4g mobile hotswop?
    Because i find it hard to add camera, printer download manager, devices list, its may possible to get it, but still hard to find it?
    Is it possible to add wireless (Mainboard) e.g asrock Fatal1ty X470 Gaming-ITX/ac.

    I'll reply upfront : no, there is no coffee-machine option neither, and yes, you can use it to launch nukes.

    pfSense is a firewall/router. Not a download manager.
    It might accept some Wireless support, but you'll be much better of with external AP's.
    Check first if your "Fatal1ty X470 Gaming-ITX/ac" runs fine using FreeBSD (== hardware recognized).

    I guess you do understand that pfSense doesn't really want a "gamer mobo".

    What is a hotswop ? A 4G USB dongle ? => Stay away from those. Check out the numerous questions on the forum about USB NIC's . As always, check first if FreeBSD supports them natively. If so, you might have a chance they will work with pfSense.



  • example: Nighthawk M1 Mobile Hotspot
    But its cost a lot, and i did need router if i have pfsense.

    But witch hardware did you use? https://www.gigabyte.com/Server-Motherboard/MA10-ST0-rev-11#ov is this the best mainboard for users? did not know cores\vs high cpu speed? what is needed for 10 gigabit ethernet VPN server with much load?


  • LAYER 8 Global Moderator

    @lmh1 said in Why so hard to get pfsense to works?:

    i did need router if i have pfsense.

    Huh? Pfsense is a router.. You would need a modem to change whatever your isp transports the connection over to ethernet sure...

    That M1 is whole bunch of stuff in one.. Shit the thing even runs on its own battery for 24 hours.. So no its not going to be freaking 10 bucks.. It can connect to LTE (cellular) network and then provide wifi to clients, etc.. You can charge your phones off its internal battery.. It will stream media you connect to, etc.. Its meant as a travel router - you take it with you on trips, etc. business or pleasure.. Then can provide all your devices internet over wifi with LTE connection for example... So yeah such a device comes with a price tag.

    Your ISP normally will provide the "modem" as part of your plan.. Or you can buy your own so you don't get a monthly charge, etc.

    But if what your asking for is how to add wifi to your network behind pfsense - then any freaking $20 old wifi router can do that.. Any!!! Or you could get a real AccessPoint for a few bucks more..

    As to that MB... That is WAY over the top for a router/firewall... Normal builds you see people using are in the $200-300 range total... Maybe something like the sg-1100 would be good start for you... If your looking for pfsense box.. But pretty much it could run on any old pc hardware you having laying around if your budget is tight.

    https://store.netgate.com/pfSense/SG-1100.aspx
    $159 USD

    Shoot you can even run pfsense on a VM on the PC your using now if you really wanted to and don't have money for hardware.



  • But some accesspoint is useless old one, so its not easy to use internal wifi card to it? I guess its possible, but did not know support of it if it use other than intel.
    Linux\unix support is very good.


  • LAYER 8 Global Moderator

    Freebsd wireless support is very limited, since pfsense base is freebsd this means its wifi support is very limited. While you can do it... It's not something anyone would suggest.

    You are much better off getting a real AP for wireless, or just use any wifi router you want that has the wireless chops you need.. Any soho wifi router can be used as just an AP.. You turn off its dhcp server, and connect it to your network via one of the LAN ports on it - and there you go AP!

    If you want a decent AP, then look at say the unifi stuff.. the AC lite is good choice for someone on budget.. Runs about $80 USD...

    But you could also just get something of amazon for like $40, any AC off brand no frills wifi router could provide you 2x2 AC wifi connection.. Refurb maybe even cheaper... All you need it for is wifi to your network... That for sure would be WAY better than any wifi card you add to pfsense box..



  • But hardware is it better to use Pentium\Atom? (8\16 core?)
    Because linux\windows support many cores.
    But i not sure if it use it, or core i3 8350 and ryzen 5 2500 is much faster? But think support of Radeon Vega Mobile is not very good.

    So its not possible to add GUI to Pfsense (install grapical destop like KDE\gnome)
    Youtube Video

    so computer can be used as workstation to?
    I did not know much about opensuse tumbleweed but they opensuse dhcp text
    But not think is works easy to manage router.

    Is it a way to get CDN (Content Delivery Network) so i can add hdd\SSD to cache everything that i downloaded, and get from server istead of internet?


  • LAYER 8 Global Moderator

    @lmh1 said in Why so hard to get pfsense to works?:

    so computer can be used as workstation to?

    Dude - that is NOT what pfsense is about... If you want to use some linux distro as router, go ahead and do that.. That is not what pfsense is about at all..

    If you want to leverage hardware for desktop and router at the same time - then run pfsense in a VM on said hardware.. No they are NOT going to install some gui on pfsense so you can use to play some game, or work on your home work while it routes...



  • I have tryed vm with virtualbox\vmware but its did not works well, i did not get router configuration site to work outside vmware\virtualbox so. And how to set up router there is for me unknow. Its nice if i get some help here? Its a international networks and card intel. As it use 1 card as 2 card?


  • LAYER 8 Global Moderator

    If you need help on how to setup virtualbox I suggest you hit up their forums..

    https://docs.netgate.com/pfsense/en/latest/virtualization/virtualizing-pfsense-with-vmware-vsphere-esxi.html

    Below that are guides on hyper-v and proxmox as well.. Sure there are some guides for vitualbox as well all over the inernet (can not vouch for their correctness) .. Back in the day ran it on virtualbox myself... All of the vm software in concept are the same.. But yes your going to need to understand those concepts if you want to run a router on a VM host.

    I would suggest you start a thread in the virt section
    https://forum.netgate.com/category/33/virtualization

    If you want specific help.

    If your vm host only has 1 nic its going to be more difficult, but not impossible and multiple ways to skin the cat depending on your skillset and hardware you have on hand.. Vlans would be how you would do it normally, but if all you want is the host itself and vms on the same host to route to wan from the vm pfsense - that can be done as well with simple host only network.. Again start a thread in the virt section for any specifics you might have questions on.


Log in to reply