First time installing and I am unable to ping the box

nebruin

I have been trying to go through and set up pfsense to do a dual WAN box, but so far I seem to be having a lot of difficultly. I downloaded the pfSense-1.2.2-LiveCD-Installer.iso and burned it and used that to install to a hard drive on a standard PC. I thought everything was set up correctly but I am unable to ping the box (I set the pfsense box to IP 192.168.1.2/24) from my network, and the pfsense box is unable to ping anything. I originally had 4 networks cards in the system, but I went ahead and removed all but 2 for testing, but even with just the 2 NICs it still is unable to ping. I used auto detection for assigning the interfaces and it correctly found both interfaces when I plugged them in, although my WAN interface does not seem to be getting an IP (it is connected to a Surfboard 5120, and I already power cycled the modem since I was plugging it in to a new system). Both the WAN and LAN interfaces have layer 1 connectivity correctly, I can see both the switch and the intel card LEDs lighting up, and I know the cables are good since I've used them plugged in to the same switch with different computers. I tried to troubleshoot and as far as I can tell nothing should be wrong, but still nothing works. I can't seem to find any logs that show me anything useful, and so I'm hoping someone here might be able to offer me some insight as to what my next step would be in troubleshooting. Also I tested multiple NICs and they all had the same behavior so I doubt it is a NIC issue.

Thanks.

-Nebruin

wallabybob

Some suggestions for troubleshooting the LAN side of your pfSense box.

On the pfSense console select option 8 to get the shell prompt. Then type
ifconfig -a
and post the output here.

What's the IP address and network mask of the computer you used to ping the pfSense box? Is it in the same subnet as the pfSense LAN interface?

What's between the other computer and the LAN interface (e.g. a crossover cable, a straight through cable, a switch, …)?

On the pfSense console type
tcpdump -i xxx
where xxx is the name of the LAN interface (e.g fxp0, em1, de0. …) then start the ping on the other computer. This command should then display the incoming pings and the outgoing responses.

nebruin

Sorry forgot to include my network layout. So my network is pretty basic. I have a gigabit switch between the computer I'm using to ping the pfsense box and the pfsense box. Everything is on the 192.168.1.0/24 network, and I know that nothing else is using IP 192.168.1.2 (pfsense box). The network card in the pfsense box is a 100Mb card, so just to make sure I also tried a 100Mb switch just to make sure it wasn't some weird problem with switch and computer being at 1000Mb.

The ifconfig -a output is below, and when I ran tcpdump (tcpdump -i fwip0) I got no packets at all and according to what pfsense said it is supposed to be listening in promiscuous mode so it doesn't look like it's seeing any traffic on the wire at all. Although I did notice one thing that was strange tcpdump reported the link-type as APPLE_IP_OVER_IEEE1394, which doesn't make a lot of sense to me since this box doesn't even have firewire so I'm not sure if maybe something got screwed up when pfsense did the autodetection to find the interfaces.

fwe0: flags=8943 <up,broadcast,running,promisc,simplex,multicast>metric 0 mtu 1500
options=8 <vlan_mtu>ether 02:e0:18:04:e3:8f
inet6 fe80::e0:18ff:fe04:e38f%fwe0 prefixlen 64 scopeid 0x1
inet 0.0.0.0 netmask 0xff000000 broadcast 255.255.255.255
ch 1 dma 1
fwip0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
lladdr 0.e0.18.0.0.4.e3.8f.a.2.ff.fe.0.0.0.0
inet 192.168.1.2 netmask 0xffffff00 broadcast 192.168.1.255
inet6 fe80::2e0:1800:4:e38f%fwip0 prefixlen 64 scopeid 0x2
fxp0: flags=8802 <broadcast,simplex,multicast>metric 0 mtu 1500
options=8 <vlan_mtu>ether 00:50:8b:11:31:a2
media: Ethernet autoselect (none)
status: no carrier
fxp1: flags=8802 <broadcast,simplex,multicast>metric 0 mtu 1500
options=8 <vlan_mtu>ether 00:08:c7:29:d6:4b
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
plip0: flags=108810 <pointopoint,simplex,multicast,needsgiant>metric 0 mtu 1500
pflog0: flags=100 <promisc>metric 0 mtu 33204
lo0: flags=8049 <up,loopback,running,multicast>metric 0 mtu 16384
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x7
enc0: flags=0<> metric 0 mtu 1536
pfsync0: flags=41 <up,running>metric 0 mtu 1460
pfsync: syncdev: lo0 syncpeer: 224.0.0.240 maxupd: 128</up,running></up,loopback,running,multicast></promisc></pointopoint,simplex,multicast,needsgiant></full-duplex></vlan_mtu></broadcast,simplex,multicast></vlan_mtu></broadcast,simplex,multicast></up,broadcast,running,simplex,multicast></vlan_mtu></up,broadcast,running,promisc,simplex,multicast>

nebruin

I think I found the issue, it looks like the virtual firewire interfaces were the problem, when I manually forced the interfaces to be fxp0 and fxp1 it looks like that fixes it. Yay! Thanks for the help

-Nebruin