Random loss of Internet access on XG-7100 from LAN clients

  • I am somewhat experienced with Pfsense appliances, currently managing three networks, two on SG4860 and one XG7100. On the XG7100 network, it is connected to the internet via a Cable provider in Montreal (Videotron) Works fine. However, every so often I loose all connectivity to the internet for anything on the LAN. Now I can enter the unit via a persistent Ipsec tunnel from my home Pfsense SG4860, but when I ping google from the remotely accessed box, I have no connectivity.
    I generally have to reboot the box to fix the issue which is unacceptable. I have had no such issues with any other network so I am trying to figure out if this is a State table issue or something else that needs tweaking.
    The firewall also uses pfblocker and DNSBL which has been copied from another working site that has no such issues.
    Any ideas ?

  • Rebel Alliance Developer Netgate

    If your IPsec tunnel is up and you can reach the unit, then connectivity through the WAN must be working. There isn't enough detail to say for sure what is happening, but it could be that clients are failing to resolve hosts with DNS. Check the services and see if the DNS resolver is running when the problem happens.

    Otherwise, step through https://docs.netgate.com/pfsense/en/latest/routing/connectivity-troubleshooting.html and try to locate the exact nature of the failure.

  • @jimp Have there ever been instances where the firewall rules and / or state tables get corrupted ? if so, what log would indicate this type of change ? I have looked at system logs and unbound logs, but it just seems to indicate that it is working normally to suddenly no connection.

  • Rebel Alliance Developer Netgate

    No, nothing of the sort. Follow the recommendations in the doc I linked, it will lead you to a more definite conclusion.

  • @jimp Will do, thanks.

