pfSense n00b (Smoothwall user)
-
@The_Librarian said in pfSense n00b (Smoothwall user):
.. that freaks out when it sees the Huawei
As far as I know, Netgate is not business related to Google ;)
Your router hs a DHCP server, so it hands out IP's. But always check if the rest also came over.
A DHCP client quests asks for an IP, everybody knows that, but also a DNS (important) and a gateway (very important ! check tjat you got one in pfSense).Your router refuses to reply on ICMP so check your router.
You declared a DMZ on your router ? -
@The_Librarian said in pfSense n00b (Smoothwall user):
Huawei B315
That should be fine.
If you did not add a firewall rule to allow it I would not expect the Smoothwall in the 192.168.8.X subnet to be able to ping pfSense in that same subnet. Pings to the WAN are blocked by default.
Check that it is really the Huawei device handing pfSense a DHCP lease if you can and not some other rogue DHCP server.
Check the pfSense ARP table (in Diagnostics) make sure the MAC address it has for the Huawei gateway IP is correct.
It sounds like something may not be connected as you intended.
Steve
-
Ah ... I thought he was pinging from pfSense console or some pfSense LAN device to the Huwai router.
That should pass out of the box.
I can ping my (ISP) upstream router just fine - a RFC 1918 device : 192.168.10.1 (WAN IP pfSense 192.168.10.11)Pinging from "smoothwall", a LAN device for the Huwai router to the WAN pfSense interface - another LAN device for the Huwai is, ofcourse, by default, not possible.
Default, the "smoothwall" wouldn't reply to a ping neither (I'm pretty sure here). -
So you should be getting a 192.168.8.x address for the Wan interface of your PFSense box/VM?
If so. It might be a setting. Under interfaces/wan - is the block private networks and ....... Selected? Try deselecting it
-
@Mats said in pfSense n00b (Smoothwall user):
is the block private networks and ....... Selected? Try deselecting it
I thought the same thing, because my upstream router uses RFC 1918 - but, no, setting that option, or not, doesn't change anything related to the 'Internet' access.
Mine is set now (my WAN IP is 192.168.10.11 - gateway 192.168.10.1) and that didn't change anything. -
Indeed that blocks inbound traffic from private IPs, which would not normally be coming into a WAN.
Except in situations like this. With that checked pings to the WAN IP from Smoothwall would still be blocked even with an allow pings rule on WAN.
Steve
-
Hi Guys
I have a suspicion that the B315 router is not playing well.
To test this, I will replace it with a Mikrotik + 3G dongle. If it indeed is the B315 then pfSense will connect etc.
Will keep you updated on this, as I've struggled yesterday evening without any success.
So it either is the LTE router or the LAN NIC. One of these two is playing silly buggers with me. Bah.
Cheers.
Ook
-
@Mats Have tried that as well, no joy. See my post above as I think the issue may be with the B315.
-
Are we correct in thinking both pfSense and Smoothwall have a WAN IP in the 192.168.8.0/24 subnet in your test setup?
Steve
-
Hi Guys
It was the RED NIC playing silly buggers. Weird.
I have since then replaced the whole PC with another one, and things are looking quite well.
Will take a shufty at SSL filtering since that is what I need to do with the pfSense installation.
Regards
Ook
