PFsense cannot online
-
Dear All,
I had configured pfsense 2.6.0 machine.
The router cannot ping 1.1.1.1/8.8.8.8 but it can ping www.google.com.my or www.yahoo.com.sg.The PC that connect to LAN port has no internet connection. I did not set up firewall yet. I have enable dns forwarder and override DNS over WAN.
What could be the problem? How to solve it? Please help as i really need to use pfsense router.
A billion thanks for your help.
-
Anyone please help me.
-
@peter_apiit It doesn't make sense that you can ping via hostname but not by IP address. A default installation of pfSense will give you a DHCP WAN and a LAN with full access right from the start.
How are you doing your ping test, fro a client on your LAN or from pfSense DIagnostics menu?
Please post a screenshot of your LAN rules.
-
@kom I pinging the hostname from pfsense router. It doesn't matter about the lan rules. Is it relate to pfsense 2.60 problem.
-
@peter_apiit If you need to use pfSense, why are you using an unstable development version? I thought that 2.6.0 was a typo when I read it. Post your issue in the 2.6 Development forum. These forums are for the release version.
-
@kom Dear Kom, I had installed the stable version of pfsense which is 2.5.0.
I still unable to ping 1.1.1.1 or 8.8.8.8 but able to ping google.com.my from pfsense router. I don't have firewall rules set up yet. Is it my ISP block me? They don't want us to use firewall.
Any solution to this?
Please help. Thanks. -
@peter_apiit It's very possible that your ISP is blocking you from reaching external DNS services like Cloudflare and Google DNS.
-
@kom I can ping www.google.com.my then the DNS query can be resolve. Just don't know why cannot ping 1.1.1.1.1 or 8.8.8.8 and others public dns services. Anything i can do on my side? I can use normal cheap router to browse internet. How my ISP do that?
I am from Malaysia. Malaysia ISP Sucks.
-
@peter_apiit said in PFsense cannot online:
I can ping www.google.com.my then the DNS query can be resolve.
Yes, from your ISP's DNS I would assume. Earlier you said you had your WAN set to override DNS via DHCP from your ISP.
Anything i can do on my side?
If they are blocking popular external DNS services, then it is likely that they are also capturing all tcp/udp53 traffic and redirecting to their own DNS. That handles external DNS they don't know about.
Get a VPN (I use Mullvad and am satisfied with them), hook it into pfSense and then route your DNS requests out the VPN gateway.
-
First of all, thanks for your sincere reply. Please bear with me that i am a noob in networking and pfsense.
Questions:
- How to configure route all dns request via VPN(Step by step guide is prefer)?
- Does the ISP cannot block my Windscribe VPN further?
Thanks.
-
@peter_apiit If you are new, the best way to learn is to read, to try to do it yourself, to run into problems, to ask questions, and then finally you solve it yourself with some help.
Use your favourite search engine to search for 'pfsense route dns out vpn' or similar. There are lots of posts showing you how to do it. Come back here with specific questions if you get stuck. There are plenty of people who will help.
Does the ISP cannot block my Windscribe VPN further?
Well it's possible they may have blocked every known VPN in the world but I can't tell you that. They cannot see inside your VPN tunnel.
-
@kom Appreciate your reply. A billion thanks for your help. May GOD bless u.
Questions:
- Can we route all request through vpn tunnel?
-
@peter_apiit Yes. You can do that with one simple firewall rule if you have already created the VPN connection as a pfSense gateway.