Issue: I cant access anything on the LAN after initial setup
-
I am having and issue where i cannot access much after the initial setup.
I have internet access and i can get to the pfsense web console.
I cannot hit any other IP inside the LAN especially anything with a specified port like 8080. But if i ping the IP in a terminal window then i can go to it in the web browser. Im not sure if the issue is Firewall or NAT or something else.
Any help is greatly appreciated.
-
@shaungehring said in Issue: I cant access anything on the LAN after initial setup:
I cannot hit any other IP inside the LAN especially anything with a specified port like 8080
From where? If your already on this LAN, then pfsense is not part of this conversation to other devices on the LAN.
If your talking from outside of pfsense wan/internet - then you would have to allow for such traffic to the lan via port forwarding or firewall rule if pfsense is not natting.
-
@johnpoz Its from LAN to LAN 10.10.0.10 --> 10.10.0.23:8080.
The only thing that has changed is that i moved from a standard router to the pfsense device. The site on that port is up and working properly, if i plug both into a different router it works as normal.
-
@shaungehring Again - pfsense as the edge router is a way to get off your local network 10.10.0/24 I would assume. and has zero to do with devices talking amongst themselves.
My guess maybe is your previous soho router had a switch ports. And what your running for pfsense does not?
How exactly are these devices .10 and .23 connected to the network.. They should be connected to your "switch"
-
@johnpoz I think that is the problem they are connected to a 8 port hub, but i don't think its a switch
-
@shaungehring hub (OLD OLD Tech) works at a basic level the same as switch.. It allows devices to connect to each other.
I would be very surprised if was in fact a "hub" - unless its say 10+ years old say.. If not older.
But regardless of hub or switch - again pfsense is not involved in conversations between devices on the same network. While it might provide services like dhcp and ntp and dns to said network that is connected to it.
When device say device 10.10.0.10/24 wants to talk to 10.10.0.23/24 it is not involved in that communication.. It has no way to even be aware of said conversation.
On your previous router setup, was your network different? Possible firewall on the device was set to allow connections from 192.168.1.0/24 but now that your on some other network 10.10.0.0/24 the firewall on that devices does not allow this communication?
Are you trying reach this other device via a fqdn vs IP? Where this is not resolving?
-
@johnpoz hmm, im not sure then, all i know is if i replace the pfsense device with my old router everything is fine. So i guess i will have to move back until i can figure it out
-
@shaungehring see my edit, are you using a different network from your previous setup? Are you trying to resolve via fqdn (host.something.tld) or IP? Possible fqdn is not resolving?
But the router has zero to do with communication between devices on the same network.. You do not even need a "router".. If plugged 2 devices into a switch or hub. And gave them IPs on the same network - they would be able to talk to each other.
when a device on network wants to talk to an IP, if it sees from its mask that IP it wants to talk to is on the same network as it.. Then it arps for the mac address of that IP, that other devices sees the arp and answers. And they talk to each other via mac address. In no scenario would it need to send traffic to the "router" for this communication to happen.
A router is used for devices on "different" networks to talk to each other. Be it another local network/vlan or the internet..
-
@johnpoz same network, using ips. the weird part is that if i go to 10.10.0.23:8080 in a web browser it will spin... As soon as i ping that IP in a terminal window the site will show up. It's like the ICMP packet defines the route, i have never seen it before.
-
There is no "route" to define. If the device is on the same network.. Your device has "route" based on the mask set on your IP.. look in your route table on your device.. example
You can see from my machine - which has 2 interfaces in 2 different networks 192.168.9/24 and 192.168.10/24 it knows which interface to use to talk to which network.
You sure your browser night trying to use a "proxy"? Sounds like you have a browser issue, and not a actual network issue.
If your device A can ping device B - then the network is connected.. What your browser might be doing could be a different story..
-
@johnpoz Thanks for the help, I am at a loss then
-
@shaungehring This sounds similar to an arp cache issue we had. We could not connect, ping it, then all was good. The network team did something to the arp cache on a switch to resolve it. I do not have details as it was many years ago.
Maybe that will get you in the right direction.