Can't ping to 8.8.8.8 or 8.8.4.4 using LAN interface on pfsense

gulzoa712

Hello,
Recently I tried to port forwarding my WAN interface with my internal LAN IP, it worked thanks to this forum, and got lucky:)

Now I want my pfsense to be able to ping google DNS. My wan interface is currently port forwarded to an internal LAN VM. That works fine without any issues. What I need to achieve is that machines connected to pfsense LAN interface should be able to ping google DNS servers. Any help shall be appreciated.
Below is the screenshot attached of my LAN machine which has pfsense as its gateway. This is the error it keeps on giving.

These are my rules

Gertjan

@gulzoa712

Humm.

A default pfSense 22.05 :

C:\Users\gwkro>ping 8.8.8.8

Envoi d’une requête 'Ping'  8.8.8.8 avec 32 octets de données :
Réponse de 8.8.8.8 : octets=32 temps=23 ms TTL=111
Réponse de 8.8.8.8 : octets=32 temps=25 ms TTL=111
Réponse de 8.8.8.8 : octets=32 temps=23 ms TTL=111
Réponse de 8.8.8.8 : octets=32 temps=25 ms TTL=111

Ping to 8.8.4.4 : same thing.

What does this mean :

@gulzoa712 said in Can't ping to 8.8.8.8 or 8.8.4.4 using LAN interface on pfsense:

My wan interface is currently port forwarded to an internal LAN VM.

You've forwarded a port on WAN to an LAN device, using the same, or another port ?
That's fine.
And has nothing to do with classic outgoing traffic.

I'm pretty sure a ping to 8.8.8.8 worked just fine the moment you installed pfSense.
What happened after that ?

Btw : 8.8.8.8 and 8.8.4.4 are DNS resolvers.
There are billions out there that never pinged these servers, and everything works just fine for them.
True, you should be able to ping an IP. Why not.

I can't figure out where this 0.0.0.0 comes from, never saw that before :

Can you give more info ?

gulzoa712

@gertjan It means yes I have port forwarded a port on WAN to a LAN device using the same port that is port 80. I dont' remember ping to 8.8.8.8 working fine, however, i can ping from my WAN interface to 8.8.8.8 but not from my LAN machine, running on pfsense.
the 0.0.0.0 you see is my ping to 8.8.8.8 and 8.8.4.4 getting redirected it seems its stuck someplace. You can see my rules in the post as well am i doing something wrong?

Jarhead

@gulzoa712 Post a pic of your outbound NAT page, the whole page.

Gertjan

@gulzoa712

Can you show your LAN interface settings ?
Just to be sure :

gulzoa712

@gertjan There you go. LAN interface settings are as follows.

gulzoa712

@jarhead There you go. This is the whole page. Is something wrong here? In the automatic rules..?

Gertjan

@gulzoa712

Both look fine.
It's 'something else' => see https://serverfault.com/questions/402023/why-do-icmp-redirect-host-happen where this situation is explained.

Btw : is this part of a clear network design ?

192.168.15.1 Ok, 192.168.1.254, why not.
But a gateway in the middle of the network, not a proof, but a clear sign to me : troubles are coming.

What is the gateway IP of the device your pinging from ?

gulzoa712

@gertjan Hey thanks for the response buddy, but I, fortunately, had it figured by myself. I changed the static route and updated the GW there that was configured to WAN instead of LAN. Now pings work perfectly.