Adding second WAN interface breaks connectivity
-
I currently have 1 WAN, 2 LANs and an OpenVPN interface defined as vmx0-2 & ovpn1. We are getting a second WAN installed. When I add another vmx interface to pfSense to handle the new WAN, everything breaks. Traffic isn't routed to the Internet, you can't ping pfSense LAN and the WebGUI is unresponsive. I have read over the years that FreeBSD likes to renumber interfaces but how do I get around this when WebGUI is inacessible? I tried reassigning the interfaces from console but that didn't do anything other than hang pfSense.
-
@kom You have console access to the KVM, yes? You can reassign there, you can see what the new devices appear as and undo your changes, reboot again, go back in backup your config, rename the interfaces and restore from that changed backup after you update your interfaces again.
Of note: If you have TAC support or have utilized CE->Plus migration your NDI will change when you add/remove interfaces. This will break your TAC support for this device and you may have to get a new CE->Plus token to effectively upgrade in the future.
Ryan
Repeat, after me: MESH IS THE DEVIL! MESH IS THE DEVIL!
Requesting firmware for your Netgate device? https://go.netgate.com
Switching: Mikrotik, Netgear, Extreme
Wireless: Aruba, Ubiquiti -
@rcoleman-netgate I already tried that without success. When I try to reassign via console, it just hangs until I force a reset of the VM. I should have mentioned that this is a virtual machine, and i also have a Wireguard tunnel defined as well as the OpenVPN tunnel.
-
@kom I would still do it, force a reset of the config (option #4 in the console menu)
Create the interfaces, download the config file, compare the two and resolve.
I don't think you're going to find there's no easy way to go about what you're trying to do. You can reference the MAC addresses on the system (ifconfig from the shell or in the GUI [Interfaces->Assignments]) to get an idea of what is what.
Ryan
Repeat, after me: MESH IS THE DEVIL! MESH IS THE DEVIL!
Requesting firmware for your Netgate device? https://go.netgate.com
Switching: Mikrotik, Netgear, Extreme
Wireless: Aruba, Ubiquiti -
@rcoleman-netgate Worked on this more today. The extra interface is seen as the first interface now, so it's now vmx0 and my WAN which used to be vmx0 is now vmx1, LAN vmx1 is now vmx2 etc. From console I went and reassigned the interfaces and it just hangs and never comes back which is extremely frustrating. This really shouldn't be this hard.
-
@kom
Why not try adding the new interface as em? -
@dotdash I hadn't thought of that. I would rather keep things consistent, and it didn't occur to me that FreeBSD wouldn't hose me in the exact same way regardless of interface type. I'll quickly try it tonight after hours. Otherwise, I have to come in to the office this Saturday just for this because I can't keep everyone offline while I scratch my ass trying to figure it out.
-
This a known and long-standing issue in VMWare. Adding 4 or more VMXnet NICs re-orders the the way the NICs are presented to the guest.
Re-assigning the interfaces to the new order is really all you can do. Unless you want to map then NICs to the PCI bus manually in VMWare.Steve
