Troubleshooting WAN DHCP
-
Yes, that is a CLI command so you could run it at the serial console or via SSH or, in this case, at Diag > Command Prompt in the gui.
-
@stephenw10 I have done that yet but I did have them plug into ix2 and the interface came up, does that mean this box is faulty?
-
I tried to reassign WAN to Ix2 and WAN2 to the non working ix3 and it wouldn't work. It kept both at ix3 once I rebooted . Had to restore a backup cause I was unable to get WAN2 back on ix2.
-
This is a basically the network setup I am now having to make work. Why ix3 all of sudden no longer connects is beyond me so I guess I'll have ot make ix2 my new WAN.
-
You should be able to re-assign the interfaces interfaces. You can just delete WAN2 as an assignment then ix2 becomes free. Then reassign WAN as ix2, ix3 becomes free.
However if it works as expected in ix2 and fails in ix3 you should open a ticket with us because that starts to look like a hardware issue:
https://www.netgate.com/tac-support-requestSteve
-
@stephenw10 Thank you Steve, I did just issue that ifconfig command and ix3 was listed. Yes I just emailed my manager telling him I need to purchase Support in order to contact Netgate because we have one month left of warranty. I also tried setting WAN2 to DHCP agianst this newly installed router and it only brought back 0.0.0.0 as the IP address. Not sure what static information it needs to create a connection.
-
You don't need to purchase support for a hardware issue like that. Just open a ticket.
If ix2 shows as linked but just cannot pull an IP that could be the MAC address lock on the modem. Be sure to reboot it.
-
@stephenw10 Thank you. So I attempted deleting ix2 or WAN2 assignment, went successful but again then trying to assign ix2 now to WAN form ix3, does nothing, hitting Save and no confirmation of change or anything. After sometime I go out and come back in ,its back to ix3 on WAN.
-
Hmm, odd. Any errors logged?
You could try reassigning the interfaces at the console using the menu option if you have access there. And you only have two interfaces in use.
-
S stephenw10 moved this topic from General pfSense Questions on
-
@stephenw10 I gave up trying to make the assignment, I simply setup WAN2 with the static information and got it running and assigned it as my default GW. Just making some IP updates on my end to facilatate VoIP and my VPN remote connection but all their system are up. I did send in a support ticket however because I do think something is not right with the hardware itself to out of the blue drop completely. Our ISP is spotty and we have noticed over the last few weeks more an d more drops so maybe it's a combination of ISP and hardware.
-
@StormGate Now although I have everything back and running there is one problem and it is because of double nating, no doubt. The VPN users are now exprriencing disconnects when attmepting to keep a VPN client logged in , is there a workaround to get past this issue with having pfsense now behind another router that the ISP says has to be place in order to have the static IP?
-
What VPN type are they using? Are they connecting to the same server/IP?
-
@stephenw10 They use a product based on OpenVPN that does have a static destination to allow drives to be mapped. This is IPSec based.
-
OpenVPN and IPSec are different VPN protocols. Do you know which they are using?
Both should work fine behind NAT (or double NAT) though and both should use random ports to allow multiple clients to connect from behind a single router.
If there is only one client behind pfSense does it remain connected?
-
@stephenw10 I think I found the issue after remoting in, when I assembled this new infrastruture and shipped it out, I gave explicit instructions that the new system is 100% VLAN based and sure enough the staff person with their single netowrk connection, slaved the laptop off the VoIP phone and the laptop is running on the phone network, my rules are setup as per vlan so I told them sort it out because reviewing the logs, other staff VPN's connections are not dropping. This was discussed when the network went in that they required on site netwok drops to complete the update.
-
@stephenw10 Sophos Connect clients use 3 service strongSwan, OpenVPN and Sophos Connect to allow the configuration of both SSL VPN and IPSec. Our staff use both depending on usage however after seeing the logs it looked evident the culprit was the user plugging into the voIP phone port. The rules are very strict as to what vlans can do what.