Installing new version of Pfsense 2.4.5 and not browsing
-
Good morning everyone, I installed the new version and migrated the data from the old one, but pfsense does not browse. I have already placed the WAN, WAN Gateway, configured my LAN and configured the internal network to go outbound. What did I miss? The rules are OK.
-
@clsilva It's difficult to help with this information. It sounds like you migrated from an older pfsense setup to a new one and you have no web access?
First, do not restore the old configuration. Do the fresh install on the new setup and use the pfsense default config. Go through the setup wizard. That should work perfectly. If it doesn't, then you might have a physical setup issue.
Also, what does browsing not working mean? Can you ping 8.8.8.8? Yes, then you have internet access. No, then you have no internet access.
If you answered yes to the first question, can you ping google.com? No, then you have internet access, but DNS is not working and neither will your browser. -
This post is deleted! -
This post is deleted! -
Raffi Thanks for the reply. That's right Install a new version of Pfsense (2.4.5) that is currently available. But even without restoring it is not pinging 8.8.8.8
-
@clsilva You have to take a step back in that case and confirm your modem/connection to ISP is working. Is the modem providing an external IP? Can you connect another device/PC directly to the modem just temporarily and confirm that other device getting an external IP? Can you can ping 8.8.8.8 from that device?
-
Yes i alreaded do this. Anyway, the my old firewall still working normally. I tested by proxy and pinged normally at 8.8.8.8.
-
My old firewall is still on, even though I changed the IP of the navigation link. Is this conflicting?
-
Yes, that old firewall could be your issue if it's still on the network.
What does your setup look like?
Modem <==> Old firewall <==> New firewall <==> PC
If that's what you have then remove the old firewall and test the new one again. The new pfsense should get an external IP directly from the modem on the WAN. Everything should be working with this...
Modem <==> New firewall <==> PC
-
My scenario looks like this:
Mikrotic Radio with Ip fixed on the Link) <==> Cisco Switch <==> Pfsense <==> PC
However I tested now shutting down my old Pfsense and the new one didn't work. I'm starting to char that may be NAT rules. Because it is resolving the DNS correctly, It is working with the Proxy directly on the browser port, but even with the release rules it does not work on the Internet.
Note: I configured my new firewall with a fixed IP different from the old one. -
@clsilva Sorry, I am confused.
My scenario looks like this:
Mikrotic Radio with Ip fixed on the Link) <==> Cisco Switch <==> Pfsense <==> PCThe mikrotik is your WAN device with a fixed external IP?
However I tested now shutting down my old Pfsense and the new one didn't work. I'm starting to char that may be NAT rules. Because it is resolving the DNS correctly,
How do you know the DNS query is not a cached result? It doesn't make sense that DNS can resolve if you can't ping out to the internet.
It is working with the Proxy directly on the browser port, but even with the release rules it does not work on the Internet.
Note: I configured my new firewall with a fixed IP different from the old one.What is working with the proxy directly? Webpages are loading fine through the proxy? Where is this proxy located? Do you have the proxy manually configured on that PC or is it automatically assigned? Is it a transparent proxy? Can you bypass the proxy?
-
I think you might have to start running some packet captures to figure out what is going on. Run a continuous ping from the PC and then start the packet capture on the WAN interface of pfsense. If the ping is not getting to the WAN, then you may have a rule blocking it. If it is getting to the WAN and you are not getting a response back, then it is something further down the line.
-
@Raffi_ said in Installing new version of Pfsense 2.4.5 and not browsing:
@clsilva Sorry, I am confused.
My scenario looks like this:
Mikrotic Radio with Ip fixed on the Link) <==> Cisco Switch <==> Pfsense <==> PCThe mikrotik is your WAN device with a fixed external IP?
That's correct.
However I tested now shutting down my old Pfsense and the new one didn't work. I'm starting to char that may be NAT rules. Because it is resolving the DNS correctly,
How do you know the DNS query is not a cached result? It doesn't make sense that DNS can resolve if you can't ping out to the internet.
Good Question. Can be the cache. I don't know if is the cache.
It is working with the Proxy directly on the browser port, but even with the release rules it does not work on the Internet.
Note: I configured my new firewall with a fixed IP different from the old one.What is working with the proxy directly? Webpages are loading fine through the proxy? Where is this proxy located? Do you have the proxy manually configured on that PC or is it automatically assigned? Is it a transparent proxy? Can you bypass the proxy?
I did a configuration with the proxy directly in the port the browser. And it worked. but after return that configuration, He stop again.
The proxy who i said, was o squid. -
I have 3 Lans, the configuration its look like:
Lan 172.23.132.1My PC is in network 172.23.134.0 and i can ping normally in this network. I don't know if this are being a problemm
-
My PC is in network 172.23.134.0 and i can ping normally in this network. I don't know if this are being a problemm
You can ping 8.8.8.8 from this network? If so then what is the problem?
I cannot help if you are only going to provide little pieces of information each time you think it may or may not help. Provide a full diagram of your network and all LANs, servers (squid?), smart switches. For example, in that diagram show LAN A is able to ping 8.8.8.8 but not access a website, LAN B cannot ping and so on. Are all 3 LANs different interfaces on pfsense? Show that in the diagram.
