pfSense: online and pingable upstream gateway via PPPoE but no internet
-
Hi everyone,
I've had issues with my recent migration to a virtulized pfSense installation as my main router. As you can see in the included screenshots, the gateway is online and I am able to ping it from my workstation but even though I can ping the upstream gateway, I have no internet. This is my second attempt at configuring pfSense from scratch.Network setup:
FTTH --> ONT(bridge mode) --> NIC1 on server --> Proxmox bridge vmbr1 --> WAN pfSense VM --> (LAN)vmbr0 --> NIC2 --> Mikrotik 24port 2SFP+ switch.pfSense version: 2.5.1-RELEASE
Proxmox version: Linux proxmox-ve 5.4.106-1-pveHypervisor network config:
VM config:
As you can see, I even tried to setup the VM with a 30 second start delay after boot.pfSense dashboard:
System > Routing > Gateways
Interfaces > WAN
Interfaces > PPPs > PPPoE
Logs > gateway
Logs > routing
Diagnostics > Routes
Log > PPPoE
pfsense-PPPoE.txtPing log from my laptop
ping.txtThis configuration sometimes works after changing random settings and reverting the changes while doing plenty reboots.
Please ask if you need more logs.
-
@bfj7234 said in pfSense: online and pingable upstream gateway via PPPoE but no internet:
I have no internet.
Hi,
Is the default allow rule set?
-
@daddygo
Hi, yes I do have an allow all rule enabled on all LAN interfaces.Note: I do have pfBlocker installed and configured but have since disabled it completely.
-
@bfj7234 said in pfSense: online and pingable upstream gateway via PPPoE but no internet:
I do have pfBlocker installed and configured but have since disabled it completely.
This should not be a problem.
but...
Resolver and or forwarder? settings are correct?
what this shows for example:
and / or
+++edit:
jah,.... and why are you disabling the GW monitor action?
+++edit2:
note, you should see something like this...
-
@daddygo
If I include the @ 1.1.1.1 it gives an error(no route to 1.1.1.1), without the @1.1.1.1 it resolves bbc.com via unbound.
-
@daddygo said in pfSense: online and pingable upstream gateway via PPPoE but no internet:
+++edit:
jah,.... and why are you disabling the GW monitor action?One of the troubleshooting steps I tried, have since enabled it again without success.
-
gotcha... - you have no DNS resolution at the moment
Okhay, I show you....
you do not have to use CF DNS - choose what you want
- network interfaces to the internals (LAN, OPT1, OPT2, etc,)
- Outgoing Intf.s (WAN, WAN2 or VPN intf., etc.)
+++edit:
Unbound in forwarding mode!
pls. on GENERAL TAB + DNS servers + DNS behavior = USE REMOTE DNS SERVERS!!!
-
@daddygo said in pfSense: online and pingable upstream gateway via PPPoE but no internet:
you do not have to use CF DNS - choose what you want
CF is my 2nd choice for DNS provider:
-
@bfj7234 said in pfSense: online and pingable upstream gateway via PPPoE but no internet:
CF is my 2nd choice for DNS provider:
this is not relevant now
+++edit:
Unbound in forwarding mode! (at least that's what's on the PRTSC you showed me)
pls. on GENERAL TAB + DNS servers + DNS behavior = USE REMOTE DNS SERVERS!!!
-
@daddygo said in pfSense: online and pingable upstream gateway via PPPoE but no internet:
Unboud in forwarding mode! (at least that's what's on the PRTSC you showed me)
Yes its enabled (should it be enabled or disabled? I assume it should be enabled)
pls. on GENERAL TAB + DNS servers + DNS behavior = USE REMOTE DNS SERVERS!!!
-
@bfj7234 said in pfSense: online and pingable upstream gateway via PPPoE but no internet:
Yes its enabled
don't touch it
this is correct if you want to use third party DNS (like CloudFlare 1.1.1.1) instead of root serversthe problem will be with this: ( System / General Setup)
-
@daddygo I just did my 7th restart of the ONT and re-socket of the Ethernet cable, internet is working now. No idea what it could be, maybe a faulty ONT or NIC
-
@bfj7234 said in pfSense: online and pingable upstream gateway via PPPoE but no internet:
restart of the ONT and re-socket of the Ethernet cable, internet is working now
that doesn't fix your DNS setting, just look up your Dig
+++edit:
I guess the DNS server override is checked
-
@daddygo said in pfSense: online and pingable upstream gateway via PPPoE but no internet:
@bfj7234 said in pfSense: online and pingable upstream gateway via PPPoE but no internet:
restart of the ONT and re-socket of the Ethernet cable, internet is working now
that doesn't fix your DNS setting, just look up your Dig
DNS is working:
pfSense command prompt:
; <<>> DiG 9.16.12 <<>> bbc.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22534
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;bbc.com. IN A;; ANSWER SECTION:
bbc.com. 300 IN A 151.101.128.81
bbc.com. 300 IN A 151.101.192.81
bbc.com. 300 IN A 151.101.0.81
bbc.com. 300 IN A 151.101.64.81;; Query time: 170 msec
;; SERVER: 9.9.9.9#53(9.9.9.9)
;; WHEN: Mon Jun 07 21:56:26 SAST 2021
;; MSG SIZE rcvd: 100My laptop
; <<>> DiG 9.16.15 <<>> bbc.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1432
;; QUESTION SECTION:
;bbc.com. IN A;; ANSWER SECTION:
bbc.com. 300 IN A 151.101.0.81
bbc.com. 300 IN A 151.101.64.81
bbc.com. 300 IN A 151.101.128.81
bbc.com. 300 IN A 151.101.192.81;; Query time: 19 msec
;; SERVER: 192.168.10.1#53(192.168.10.1)
;; WHEN: Mon Jun 07 21:58:07 SAST 2021
;; MSG SIZE rcvd: 100 -
@bfj7234 said in pfSense: online and pingable upstream gateway via PPPoE but no internet:
DNS is working:
Ok magic
but you have a lot of wrong settings...
this will help you in many ways
https://www.vikash.nl/setup-pfblockerng-python-mode-with-pfsense/
-
@daddygo said in pfSense: online and pingable upstream gateway via PPPoE but no internet:
I guess the DNS server override is checked
Nope it isn't
The DNS Resolution Behavior is also set to "Use remote DNS servers, Ignore local DNS"this will help you in many ways
https://www.vikash.nl/setup-pfblockerng-python-mode-with-pfsense/Will check it out tnx!
I used Lawrence Systems on youtube's guide on configuring pfBlocker and other areas.
