All of a sudden no internet access from LAN but OpenVPN still working OK
-
Hi All,
I am puzzled by something which has happened to me 3 days ago:
I have a Netgate 7100U router with pFSense+ 22.05. The router has attached a switch and a number of devices are attached to the switch. The router was configured almost 1 year ago and not touched since. Since 3 days ago though, I can connect via VPN and log in into the devices on the LAN, but none of the devices on the LAN can access the internet. For example I can remote desktop connect to Windows boxes, but from those boxes it is not possible to browse the internet. My ability to remotely access the devices on the LAN indicates that there is no connectivity fault, and the problem seems to be with the router. I cannot guess what happened. I have pFBlocker NG working, but even disabling that did not change things.
Does anyone have any suggestion about where to start debugging the problem?
Thanks for any advise,
Best Regards,
Andrea
-
On any of these LAN devices, users probably don't use IP adrresses direcly, they use host names, like 'microsoft.com' to visit that site.
For this to work, DNS needs to function.So : check on these devices if they have access to their DNS, typically '192.168.1.1' (= pfSense).
Run anslookup whatever.comon the command line, and check results.
Check if
gives back the expected result.
Also check the obvious places : the resolver log page.
-
Thank you !
Very helpful. The DNS Resolver log indicates that the service was not able to start because the disk is full. The system indicates a disk utilization of 109%. I suspect the disk is failing. The directory /var has a tiny disk utilization ...
Thanks again,
Andrea
-
Wow. Isn't a 7100 equipped with a big drive ?
Do you use any pfSense packages that might have eaten all available disk space ? Some of them can create very fast huge log files. The slightest issue with the file rotation will produce 'disk full' errors.
This time you just lost DNS.
Normally, the system simply 'dies', and wouldn't even be able to boot.
For this reason, and many other (basiclly : because I can make msitakes to ^^) I use this tool.
Real time data for the last year or so, and I'll be getting yelled at by mail when things are about to 'fail'.Know that this one How to Run a pfSense Software File System Check exists.
-
Thank you for the useful info !
-
Do you have any other packages running?
Full disk like that is usually caused by logging from some package that stops rotating correctly or hasn't been configured with any limit.
Check in /var/log
Steve
-
Thanks Steve.
It turns out it was a massive 27GB core dump which had filled the drive.
Andrea
