Working pfSense now broken after outage. No Internet connectivity.
-
I have pfSense 2.4.5-RELEASE-p1 (amd64) running in a VirtualBox VM on my Fedora 32 server. The server has 2 NICs, one going to my home network, and the other connected to my cable modem. This set-up has been running very well for the past month since I migrated over from Tomato running on my Netgear R6400.
Internet > cable_modem > pfSense VM (192.168.x) > Linux server > Rest of network (doesn't work)
Early Wednesday morning (3 days ago), something happened in the middle of the night and my Internet connection went down. I'm not exactly sure what caused it, but now I can't get pfSense to connect to the Internet anymore. Can't ping gateway. Can't ping 8.8.8.8. I've tried many things, including completely re-installing pfSense from the ISO. I also power cycle the cable modem every time I've plugged the network cable into a new device.
It looks like the pfSense is requesting a DHCP address from the ISP fon WAN, but then pfSense doesn't seem to get a response back from the ISP's DHCPD server.
DHCPDISCOVER on em0 to 255.255.255.255 port 67 interval 3
I tried spoofing various MAC addresses, such as the MAC of the physical NIC in the Fedora box, as well as the MAC of the old router, but no connectivity.
As a test, I reverted back to using my R6400 as my main firewall, and everything (Internet connectivity) works without any issues, so I can rule out any problems with the ISP or the cable modem.
Internet > cable_modem > R6400 (192.168.x) > Rest of network (WORKS)
Thinking it was an issue with the pfSense firewall or the pfSense DHCP client configuration, I also tried this:
Internet > cable_modem > dd-wrt router (10.0.x) > pfSense VM (192.168.x) > Linux > Rest of network (WORKS)
So the dd-wrt is acting as a DHCPD and issues IP addresses to the pfSense box. Internet connectivity is okay, but it a double-NAT situation (ugh) only to test that the dhclient in pfSense works, which it is.
I find this odd because when I initially set-up pfSense about a month ago on the same hardware configuration, everything worked flawlessly. I thought re-installing from the ISO would allow me to restart with a clean slate. I suspect the problem is somewhere in pfSense configuration.
Any tips on where to look? I'm okay with completely wiping the pfSense VM... but I thought I did that already by reinstalling from the ISO.
-
@Shadowlord Why don't you reinstall fresh copy of pfSense and restore your backup configuration and get it over with?
-
@NollipfSense said in Working pfSense now broken after outage. No Internet connectivity.:
@Shadowlord Why don't you reinstall fresh copy of pfSense and restore your backup configuration and get it over with?
I tried both the built-in "Factory Defaults" option (which apparently retains some of the files); and also reinstalling from the ISO.
Doesn't the latter wipe and recreate the filesystem, and thus would be a fresh copy? Or is there a different procedure/better for a wiping and creating a fresh installation?
-
@Shadowlord said in Working pfSense now broken after outage. No Internet connectivity.:
Doesn't the latter wipe and recreate the filesystem, and thus would be a fresh copy?
Yes, that's why I said to do that. Sometimes on power outage, the file system becomes corrupted because of the sudden closure of the pfSense while it was in the middle of writing to disk. I have seen it happening even on ZFS. That's why it is important to always have a backup configuration available.
-
Okay. Well, since I had already reinstalled from the ISO, filesystem corruption was not the issue. Also, I didn't experience a power outage that night.
Anyway, since then, I've also completely recreated a new VM and installed pfSense to that.
Bypassing the VM, I got the VM host to grab an IP address from the modem and it worked, and was able to surf the 'net, so I've ruled out a hardware issue with the NIC, the cable or the ISP connection to the Internet.
Going to my fresh pfSense install and VM, when I cloned the physical MAC of the NIC, I am able to get a DHCP IP address, but can't ping the gateway (nor access anything beyond it).
I'm leaning towards an issue within the VM configuration or pfSense at this point.
-
It pretty much has to be config issue in VBox if you installed pfSense clean and it still fails.
Could be a conflict issue, two devices with the same MAC maybe?
Steve
-
@stephenw10 Checked all the VMs (although only one pfSense instance is running), no conflicts on the MAC address.
But maybe cloning the physical MAC into pfSense/WAN wasn't the right approach, because that creates a physical NIC and a VM NIC with the same MAC. I will try a different MAC from something that's off the network.
-
I managed to fixed the problem, turns out the VM host hadn't been rebooted since before outage, so I thought I'd give that a shot, and it seems to have fixed the problem.
Maybe the physical NIC was left in some partial state or something.
Thanks to everyone who helped.
SOLVED!