New NIC accessing the intranet but not the internet



  • Hello

    I have a strange one (for me...). I have a Supermicro with pfSense; the configuration is confusing without any notes, and all 4 ports are taken either to the WAN or to a layer 3 switch.

    As there are some new switches coming, I thought that I could install another network card, configure a clean config on the new card and start moving everything to the new card without taking any risk (I can always fall back on the old config).

    So I installed a 4-port NIC and restarted the appliance; the new ports were detected and everything seemed to be OK.

    So I started to create new interface assignments on the ports, then some VLANs with DHCP and rules (all open just to check). All went well and I could ping everything inside but I could not ping the internet.

    I double-checked my config: DHCP is OK, rules are OK (all open), the gateway is set to "none" on the interface, but still no access to the internet.

    To be sure, I compared my config to another pfSense box and all seems to be the same.

    So I believed it was a NIC problem, but to be sure I restored the config on an SG-5100 that I had as a spare. The restore was OK, everything worked, so I started creating a new interface on the last available port and pafff, same problem... access to all interfaces is OK but no ping to the internet from my new interface.

    So I deleted every rule, left just one interface from the old config and added another interface, but same result.

    I thought I was making some stupid mistake, so I restored my 5100 to default and started over, adding interfaces to all ports and VLANs, and everything is working...

    Can anyone help me? There should be something in the original config that stops the traffic, but what? How to check?

    Many thanks for your help.

    edit: title


  • LAYER 8 Rebel Alliance

    Are you on Manual Outbound NAT and forgot to add the new network?
    Post some of your configuration here like Firewall Rules and so on.

    -Rico


  • LAYER 8 Rebel Alliance

    Work through https://docs.netgate.com/pfsense/en/latest/routing/connectivity-troubleshooting.html
    This covers a lot of errors you could have made. :-)

    -Rico



  • @Rico said in New NIC accessing the intranet but not the internet:

    Manual Outbound NAT

    You are fantastic, you nailed it! I had deleted all the rules and checked the connectivity troubleshooting again, but I forgot to check the Outbound NAT, which is indeed in manual!

    Many thanks for your help, you saved my Sunday :)


  • LAYER 8 Rebel Alliance

    Glad you have it working now.

    -Rico
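
One way to answer the "How to check?" question for the cause found in this thread, as an added example that is not part of the original posts: the Python sketch below reads an exported config.xml and lists local interface subnets that no manual outbound NAT rule covers. The element names (`nat/outbound/mode` with `advanced` meaning Manual Outbound NAT, `source/network`, `disabled`) are assumptions about the pfSense config layout, and the sample config is constructed.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample in the assumed layout of a pfSense config.xml export.
SAMPLE_CONFIG = """<pfsense>
  <interfaces>
    <wan><if>igb0</if><ipaddr>dhcp</ipaddr></wan>
    <lan><if>igb1</if><ipaddr>192.168.1.1</ipaddr><subnet>24</subnet></lan>
    <opt1><if>igb4</if><descr>NEWLAN</descr><ipaddr>10.20.0.1</ipaddr><subnet>24</subnet></opt1>
  </interfaces>
  <nat><outbound>
    <mode>advanced</mode>
    <rule><interface>wan</interface><source><network>192.168.1.0/24</network></source></rule>
  </outbound></nat>
</pfsense>"""


def uncovered_networks(config_xml):
    """Return (mode, [(name, subnet), ...]) for local subnets lacking an outbound NAT rule."""
    root = ET.fromstring(config_xml)
    mode = root.findtext("nat/outbound/mode", default="automatic")  # assumed default
    if mode in ("automatic", "hybrid"):
        return mode, []  # these modes generate rules for local subnets themselves
    sources = []
    for rule in (root.findall("nat/outbound/rule") if mode == "advanced" else []):
        if rule.find("disabled") is not None:
            continue
        src = (rule.findtext("source/network") or "").strip()
        if src == "any":
            return mode, []  # a catch-all source covers every local subnet
        try:
            sources.append(ipaddress.ip_network(src, strict=False))
        except ValueError:
            pass  # alias or keyword source; this sketch does not resolve it
    missing = []
    for iface in root.findall("interfaces/*"):
        ip, bits = iface.findtext("ipaddr"), iface.findtext("subnet")
        if iface.find("gateway") is not None or not bits:
            continue  # WAN-type interface (has a gateway) or no static subnet
        try:
            net = ipaddress.ip_network(f"{ip}/{bits}", strict=False)
        except ValueError:
            continue
        if not any(net.version == s.version and net.subnet_of(s) for s in sources):
            missing.append((iface.findtext("descr") or iface.tag, str(net)))
    return mode, missing


if __name__ == "__main__":
    print(uncovered_networks(SAMPLE_CONFIG))
```

Rules whose source is an alias are skipped rather than resolved, so a subnet reported here should still be confirmed on the Firewall > NAT > Outbound page.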

