Netgate Discussion Forum

    Random network connection issues

      crowax

      I have recently installed pfsense to replace my Google Nest router. I struggled for a while with getting DNS working correctly, but now that I seem to have that going, I have been seeing a new issue. I do not believe it is DNS related, but if it is then I can elaborate on that resolution.

      Right now I randomly cannot get to a website or two. Today it was google.com, mst3kinfo.com and yahoo.com. Every other site I tried to visit has worked great. NSlookup resolves to the correct IP, but I cannot ping the IP. Also tracert goes nowhere, not even a first hop. This happens on all my devices, not just one.

      With a reboot of the pfsense box, everything starts pinging and working just fine. But there will be other sites that do not work that take me a few days to realize they are down.

      I have tried disabling any add-ons (really only have Snort) and disabled the firewall itself, which says it just becomes a NAT. Nothing seems to keep everything up and running. There are just a few sites every day that I discover don't work, and if I reboot it then there are all new sites I have issues with.

      Any thoughts or suggestions? It is so bad that I have to switch to my Google Nest sometimes just so I can work without issues.

        Tzvia @crowax

        @crowax Well, pfSense, as it comes 'out of the box' without any customization, should just plain work, with the possible exception of PPPoE internet needing a username/password login. The default firewall setting for LAN is to allow all outgoing. The default DNS is for the router to resolve using internet root servers; no forwarding is needed to any public DNS like 8.8.8.8 or 1.1.1.1. Even if pfSense is behind another router, like a cable modem-router combo, as long as the LAN network that pfSense is set with is different from the LAN network that the router in front of it has, pfSense will work. So maybe a bit more information as to what kind of internet service you have and what is in front of the pfSense router would be useful, and what settings you have changed for DNS, so that we know a bit about your setup, would be helpful.

        Tzvia

        Current build:
        Hunsn/CWWK Pentium Gold 8505, 6x i226v 'micro firewall'
        16 gigs ram
        500gig WD Blue nvme
        Using modded BIOS (enabled CSTATES)
        PFSense 2.72-RELEASE
        Enabled Intel SpeedShift
        Snort
        PFBlockerNG
        LAN and 5 VLANS

          crowax @Tzvia

          @tzvia
          Thank you for the reply.

          For the DNS I have two PiHole instances that have not been a problem with my Google Nest. At first I tried to set PiHole to go to 8.8.8.8 and pfsense/DHCP assigned the PiHole as the DNS server. This had some issues on and off. What I had to do was set the pfsense to assign its own IP as the DNS server for computers. Then the DNS settings inside pfsense point to the PiHole. However, I have also set it to 8.8.8.8 and 1.1.1.1 earlier when troubleshooting. It didn't make a difference. The names still resolved fine but I could not ping the IPs.

          I have DHCP enabled to hand out addresses to all my devices, using itself as the gateway and DNS.

          The only other change was a few port forwards to get 443 and 80 to point to my reverse proxy.

          I have a standard Spectrum modem that I connect to pfsense WAN with DHCP.

          The only major step I did not try was to completely wipe and start over. I have had this issue since day 1 but I think the only thing I was working on then was my port forwarding.

            stephenw10 Netgate Administrator

            Being unable to connect to some random sites like that is usually either an MTU issue or a bad subnet mask somewhere. Since you're unable to ping or even reach the first hop in a traceroute, it's unlikely to be MTU, so check the routing table for some bad route.

            Steve
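
One way to carry out the routing-table check suggested in the last reply, as an added example that is not part of the original thread: it parses `netstat -rn` style output and reports, by longest-prefix match, which route each unreachable destination would select. The routing table, interface names, addresses and `EXPECTED_LOCAL` list are constructed assumptions; the `203.0.0.0/8` entry stands in for a route created by a bad subnet mask.

```python
import ipaddress

# Constructed sample in the column layout of FreeBSD `netstat -rn` (not from the thread).
SAMPLE_NETSTAT = """\
Destination        Gateway            Flags     Netif Expire
default            198.51.100.1       UGS        igb0
127.0.0.1          link#4             UH          lo0
198.51.100.0/24    link#1             U          igb0
192.168.1.0/24     link#2             U          igb1
192.168.1.1        link#2             UHS         lo0
203.0.0.0/8        link#2             U          igb1
"""
# Assumption: the networks this firewall is really attached to.
EXPECTED_LOCAL = [ipaddress.ip_network(n) for n in
                  ("192.168.1.0/24", "198.51.100.0/24", "127.0.0.0/8")]

def parse_routes(text):
    """Return (network, gateway, netif) tuples from netstat -rn style text."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] == "Destination":
            continue
        dest = "0.0.0.0/0" if fields[0] == "default" else fields[0]
        try:
            net = ipaddress.ip_network(dest, strict=False)  # bare host -> /32
        except ValueError:
            continue  # section headings and anything that is not a prefix
        routes.append((net, fields[1], fields[3]))
    return routes

def best_route(routes, ip):
    """Longest-prefix match: the most specific route containing ip wins."""
    addr = ipaddress.ip_address(ip)
    hits = [r for r in routes if r[0].version == addr.version and addr in r[0]]
    return max(hits, key=lambda r: r[0].prefixlen, default=None)

def check(routes, ip, expected_local=EXPECTED_LOCAL):
    """Return (route, verdict) for one destination address."""
    route = best_route(routes, ip)
    if route is None:
        return None, "no route"
    net = route[0]
    if net.prefixlen == 0:
        return route, "ok: default route"
    if any(net.version == loc.version and net.subnet_of(loc) for loc in expected_local):
        return route, "ok: local network"
    return route, "suspect: more specific route overrides the default"

if __name__ == "__main__":
    for ip in ("203.0.113.10", "192.0.2.50", "192.168.1.1"):
        print(ip, *check(parse_routes(SAMPLE_NETSTAT), ip))
```

Feed it the real table and the addresses that `nslookup` returned for the sites that fail; any "suspect" line names the route and interface to inspect.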
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.