Help with physical interfaces and VLANs
-
The WAN_DHCP gateway (192.168.100.1) is listed as online, then there is another GW_LAN (default) (192.168.0.1) that is offline.
-
@BlankSpace said in Help with physical interfaces and VLANs:
GW_LAN (default) (192.168.0.1) that is offline.
Well that is WRONG!!! you wouldn't set a gateway on your lan! I never understand how users do this - it doesn't ask you to do that... And even if you set one up, it tells you shouldn't
-
In the LAN interface config, the IPv4 Upstream gateway is listed as "none", but I think I have more problems then that lol. If I can't ping internet hosts from the WAN. Also my LAN is 192.168.200.0/24 not 192.168.0.1.
-
Post up your gateways... You shouldn't have any gateways other than your wan, which I assume you got from dhcp... Your sure pfsense wan is actually 192.168.100
-
Ok I deleted the 192.168.0.1 gateway. The only one now is the WAN which was from DHCP as you stated. It is listed as WAN_DHCP, WAN, 192.168.100.1 192.168.100.1 Interface WAN_DHCP Gateway.
-
Something going on with the WAN tho, can't ping Internet, destination unreachable.
-
@BlankSpace said in Help with physical interfaces and VLANs:
WAN_DHCP, WAN, 192.168.100.1 192.168.100.1
can you you ping that? From pfsense
You can not ping say 8.8.8.8 from pfsense or you can not resolve www.google.com
-
Yes I can ping that from pfsense shell and no, I cannot ping 8.8.8.8 or resolve google.com.
-
what about 8.8.8.8
That 192.168.100.1 is your current router?
-
@johnpoz said in Help with physical interfaces and VLANs:
what about 8.8.8.8
That 192.168.100.1 is your current router..
Correct, which would be the WAN gateway. Its actually a port off of a linksys LRT214 with its own vlan and subnet. If I plug my pc directly into that, I would get the same DHCP and have internet access.
-
Well if you can not ping 8.8.8.8 then you have something wrong with upstream.. Do a sniff on your wan while you ping 8.8.8.8 - do you see it go out??
-
From the shell when trying to ping, I get no route to host. Packet capture shows:
16:15:19 IP 192.168.100.100 > 192.168.100.1: ICMP echo request. id 2892, seq 3180, length 8
16:15:19 IP 192.168.100.1 > 192.168.100.100: ICMP echo reply. id 2892, seq 3180, length 8
-
Then you don't have a gateway setup if you don't have a default route... Post your gateways, show your routes..
Did you get your wan via dhcp, or did you manually set it?
-
Ok, I put a USB NIC on this PC so I can copy and paste directly from pfsense. Yes the gateway was obtained from the DHCP. My routes are all weird:
-
Dude why do you have openvpn setup... Get the thing working before you start trying to setup pfsense as a vpn client!
And your not going anywhere without a default route..
-
I was testing with no WAN, just using the LAN interface with openvpn, which did work just using the LAN. Shouldn't the default have been created automagically? Do I need to go System>Routing>Add and put a new static route?
-
You have gateway set to auto? specifically set it to your wan gateway. Like you see in my post.
-
That would be it. I am not sure why it was set to auto, I've been playing around with so many things before I was able to create my own little network to test the WAN.
-
Thank you for all of the assistance, first time with pfsense here. So "technically" I can drop this in off my cable modem and should at least have one interface and vlan up and running.
-
It should yes - keep in mind that almost always when you change something connected to a cable modem, ie swap out your router for pfsense you would have to reboot your router. I would disconnect your router... Power cycle your cable modem... Wait for it to show online, then connect pfsense and it should grab a public wan IP.. And then yeah all your networks behind should be up and running.. that have rules to allow :)
Auto should work - but I have seen it be finicky myself sometimes.. Especially if you have something else setup as a gateway - where I saw it have a problem was when I had a downstream router setup (ie another gateway)... But if your not multiwan or whatever doesn't hurt to hard code it.
