Netgate 2100 WAN fails after appr. 2 hours of operation

NPBN

Hi,

I am trying to get at Netgate 2100 up and running, and it appears to be working at first. But then after appr. 2 hours of flawless operation it suddenly refuses to communicate with the internet (WAN).
I cannot ping my gateway, google or anything else.
I can ping the outside of the firewall (static ip), and all internal traffic is running fine.

So far the only resolution to this problem has been a factory reset, and it is getting tiresome to do this every two hours (plus the family is prette annoyed with me as well).

I thought it might have been a dodgy package or some misconfiguration on my part, but this last time I went with a completely vanilla setup - reset the appliance to factory defaults, went through the wizard entering only the required ip-information and a name, no packages or any other setups. But it still fails.

Anyone have any ideas where to go look for possible causes or similar experiences? I have tried to search for possible causes for this, but so far my google-fu has proved to be inferior.

Br.
NP

gabacho4

@npbn Rather than resetting the router have you restarted it?

To me it sounds like a DNS issue. Next time it happens, try this:

1. From your laptop - ping google.com; what are the results?
2. From your laptop - ping 8.8.8.8; what are the results?
3. From the router using the Diagnostics tab then Ping - do the same thing (ping google.com and 8.8.8.8); what are the results?

edit: also on your laptop, from the Command Prompt (assuming you're using Windows, can you also do a "nslookup google.com" and provide the results?

Can you also describe your layout? Is the router WAN plugged into an ISP modem? Is the router LAN port plugged into a switch or directly to a PC?

NPBN

@gabacho4

Hi gabacho4,

I have tried rebooting the router, no luck.

I was also suspecting a DNS issue, but I have tried to ping directly to 8.8.8.8 (or my ISP's gateway) and there is no reply. That also answers your questions 1 and 2 - no replies are received from external IP's both when I ping from my computer (rocking an old stationary here), and from PFSense itself. So the answer to bullit point 3 is also that it receives no replies.
I can ping the outside of the PFSense (configured as a static IP), but not to the gateway of my ISP.
Next time it fails I will try and do a NSLOOKUP (just had to perform a reset to get to the forums).

My setup are as follows:
Fiber from my ISP terminates in their modem --> from there I have a RJ45 cable to my Netgate2100 plugged into the WAN-port. The LAN-port on the Netgate2100 connects to my switch. My computer is plugged into my switch.

The strange part is that it works for appr. two hours before failing.

Best regards
NP

gabacho4

@npbn alright so the next thing I’d do when this happens is to plug the computer directly into the isp device and see if you have connectivity. Also, have you looked at the pfsense logs to see if there are any errors with any relevant services like DHCP, resolver, etc?

NPBN

@gabacho4

Just had another crash, and I did plug my computer directly into the ISP modem, and there were no problems using Ping, DNS etc. So the connection is fine.
I had the computer set up with the same static IP config as the router uses.

I have tried looking at the logs, but nothing really stands out (but that might be my untrained eyes fault). I have also logged a support ticket with Netgate support, and they requested some logs as well. Now I hope they can provide me with a good explanation for why this happens.

Btw, thank you for taking the time to try and t-shoot this with me - it is much appreciated.

Best regards
NP

gabacho4

@npbn Always happy to try to help others given all the help I’ve received over the years. I’ll get out of the way if Netgate is engaged. They’ll get you taken care of. Based on what you’ve told me, it certainly would seem to be an issue on the PfSense side or your provider could be disrupting your connection for some reason. I had this problem years ago when I tried to host a web server and Comcast would seemingly scan periodically and interrupt my service unless I renewed the WAN. You running any services/servers by chance?

Would you mind posting the fix once you figure this out with Netgate?

NPBN

@gabacho4

I dont think it is my ISP, I have been running a Meraki MX firewall without any interruptions for a couple of years (it only needs to go because I cannot get free licenses for it anymore). I have never had any issues with the ISP before.
I am not running any servers right now, at least not anything that should go to the internet.
I think it is the Netgate appliance, and I hope it is something that is easy to fix, so that I dont need to RMA it.
I will post here once there is a solution.
Br.
NP

stephenw10

It's hard to imagine what reseting the config does to restore the connection here. It would initially come up with WAN as DHCP and send some broadcast traffic.

I assume you have tried reconnecting the WAN cable?

Rebooting the fibre modem?

Does the gateway IP disappear from the ARP table in Diag > ARP?

Steve