Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    PPPoE on WAN, no internet access from LAN

    Firewalling
    2
    3
    346
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      PhxIT last edited by

      First time Netgate installation. Staged a 5100 successfully behind a regular DHCP ISP modem. Moved it to a Century Link fiber connection. Need the static public, so the CL modem is now in transparent bridge mode and I've set the WAN interface on the Netgate to PPPoE. Entered the creds and it's connected to the internet fine. In fact, I have a VPN connection to it and am working on it remotely right now.

      Problem is that the client machine connected to the LAN port of the Netgate is not getting to the internet. When I use ping from the Netgate diagnostic tools, I can ping 8.8.8.8 from the WAN interface. If I change that to the LAN interface (192.168.101.1), the pings time out. I don't know if that's a good test, i.e., I don't know that a ping from LAN interface can go out to web or if changing that to LAN means the ping has to go out that interface.

      I've checked, double checked, triple checked NAT and firewall rules and they all seem to be fine. Have even tweaked them trying different things. Again, this all worked when staged here. The only thing that changed was that it went behind a CL modem and changed the WAN interface to PPPoE. We know the CL circuit is good, was working with previous router.

      V 1 Reply Last reply Reply Quote 0
      • V
        viragomann @PhxIT last edited by

        @PhxIT said in PPPoE on WAN, no internet access from LAN:

        When I use ping from the Netgate diagnostic tools, I can ping 8.8.8.8 from the WAN interface. If I change that to the LAN interface (192.168.101.1), the pings time out.

        That implies that your outbound NAT doesn't work properly.
        Possibly it is set to manual rule generation? If so, switch into hybrid mode if there is no reason to have an other one.

        P 1 Reply Last reply Reply Quote 0
        • P
          PhxIT @viragomann last edited by

          @viragomann That where I was thinking, too, tried lots of stuff, minus hybrid mode.

          I finally found the issue. In System | Routing | Gateways, the default gateway had to be set to the WAN_PPPOE gateway. I don't think I had changed anything from when it was working with WAN on DHCP, so apparently PPPoE is special and you need to specify that here. It never occurred to me since the WAN is able to reach the Internet which means it does have a default gateway. I've never seen the need to set a default gateway in a second place.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post