Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    pfSense 2.7.0 in a ProxMox VM not getting IP address from Deutsche Glasfaser

    Scheduled Pinned Locked Moved General pfSense Questions
    7 Posts 3 Posters 1.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      charry2014
      last edited by

      Hello everyone, I am trying to bring up pfSense 2.7.0 in a Proxmox VM and have it replace my current bare-metal pfSense 2.6.0 instance which has worked (almost) flawlessly for years. The hardware Proxmox is running on is a Protectli VP2420, the internet connection is provided by Deutsche Glasfaser. I followed the instructions here to set up pfSense, and a bunch of other sites like Beechy. As I mentioned my long-standing pfSense installation works flawlessly, so I know this can be done.

      This should be a relatively straightforward DHCP6 connection from what I understand from the internet, DG uses a standard but slow DHCP over IPv6. Unfortunately the virtualised pfSense never gets assigned an IPV6 address, or even IPV4 address, on the WAN interface. I have brought up a 2.6.0 VM as well which is also never gets an IP address on WAN. I tried the E1000 NIC in Proxmox to no avail. Previously I ran a pfSense in a VMWare VM so I should be able to figure it out, perhaps I just know enough to be dangerous... Nevertheless, I have studiously compared all settings between my working setup and the new ones, I see no differences. Yes, the 'Allow IPv6' checkbox is checked.

      In this site it says to wait 15 minutes for a new DHCP lease and I have waited twice that, power cycled the DG box numerous times, all to no avail.

      My working gateway setup looks like this:
      53684d1d-eb25-49d2-b193-e6786d1ba35a-image.png
      The new installed VMs just say 'Pending'.

      Can anyone give me a clue how I can debug this, or is it likely a problem with DG and their DHCP behaviour?

      NollipfSenseN 1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        What do you see in the dhcp logs? Is it trying and seeing no replies?

        Do you see any incoming packets on the WAN packet counters at all?

        Steve

        1 Reply Last reply Reply Quote 0
        • stephenw10S stephenw10 moved this topic from Problems Installing or Upgrading pfSense Software on
        • NollipfSenseN
          NollipfSense @charry2014
          last edited by

          @charry2014 So, I see you followed the right recipe and if you passthrough WAN as instructed, then you should have logs as to why you're not getting any IP...can you show your logs?

          pfSense+ 23.09 Lenovo Thinkcentre M93P SFF Quadcore i7 dual Raid-ZFS 128GB-SSD 32GB-RAM PCI-Intel i350-t4 NIC, -Intel QAT 8950.
          pfSense+ 23.09 VM-Proxmox, Dell Precision Xeon-W2155 Nvme 500GB-ZFS 128GB-RAM PCIe-Intel i350-t4, Intel QAT-8950, P-cloud.

          1 Reply Last reply Reply Quote 0
          • C
            charry2014
            last edited by charry2014

            Thank you for your suggestions - I made some progress. There were some configurations I had not made, if these can affect WAN behaviour I cannot tell:

            • In the LAN Interfaces tab - the IPv6 Prefix ID must be set to 56
            • DHCPv6 Server and RA the prefix delegation side must also be set to 56
              These are clearly indicated by Beechy, my mistake.

            Then having made these edits I left the new pfSense connected to the DG modem for an hour, and at the beginning of that hour unplugged the power from the DG router for five minutes to give it a clean separation, then it got an IP address on WAN from DG. This was a definite 'test passed' moment 🥳. What was then interesting is when I then reconnected the old pfSense to the DG modem it reconnected the gateways after a while but DNS did not work until I restarted the DG modem. This is inconvenient as my wife (the worst sort of user a network admin can have 😉) works from home and the network must be up basically all the time. Switching between firewalls apparently takes 2 hours at least.

            To answer your specific questions - There was nothing in the logs until I turned on 'Start DHCP in debug mode' and then I could see nothing useful, just some general permission errors. The suggestion about the WAN packet counters would be interesting for next time.

            Does anyone know if it is possible, or likely to be possible, to put a switch directly onto the DG modem and connect the two pfSense instances to the same modem? This would greatly ease the testing and bring up of the new one.

            1 Reply Last reply Reply Quote 0
            • stephenw10S
              stephenw10 Netgate Administrator
              last edited by

              You can try that but it's unlikely you can pull more than one DHCP lease from the ISP. Both firewalls would try to do that and that create a conflict.

              It's odd that you have to wait like that. The timespan sounds like maybe the old dhcp lease has to expire. That's not something I've seen at any other ISP.

              1 Reply Last reply Reply Quote 0
              • C
                charry2014
                last edited by

                So, just for the sake of completion to wrap this up cleanly, I found the setup to be a little intricate but now it works. Essentially Beechy's guide is correct and given the changes I outline above the connection came through in some 15 minutes, but perhaps some further clarifications would be helpful.

                1. Forget 6rd, go for DHCPv6 now
                2. In pfSense only configure the IPv4 gateway in System - Routing - Gateways, the IPv6 gateway will appear by magic once the IPv4 has connected. This is how the globe icon appears next to the gateway name -
                  1e1fbb75-7812-45be-9505-0f13ccb92a87-image.png
                  This bit seems pretty weird, but I am all but certain this is what happened. As an experiment I configured just the IPv4 gateway, and then everything else happened by itself.
                3. If the IPv4 or IPv6 gateway shows connected and online but there is no DNS for internet sites then restart the DG modem
                4. Once IPv4 gateway has connected it is necessary to restart pfSense to get the IPv6 gateway to connect

                Then, you will have a full connection. Hope that helps.

                NollipfSenseN 1 Reply Last reply Reply Quote 0
                • NollipfSenseN
                  NollipfSense @charry2014
                  last edited by

                  @charry2014 said in pfSense 2.7.0 in a ProxMox VM not getting IP address from Deutsche Glasfaser:

                  IPv6 gateway shows connected and online but there is no DNS for internet

                  If you setup IPv6 correctly and there is no DNS, maybe you're suffering as I am discovering ISP gave static IPv6 that doesn't allow LAN to communicate with upstream DVCPv6 server. Please call your ISP.

                  pfSense+ 23.09 Lenovo Thinkcentre M93P SFF Quadcore i7 dual Raid-ZFS 128GB-SSD 32GB-RAM PCI-Intel i350-t4 NIC, -Intel QAT 8950.
                  pfSense+ 23.09 VM-Proxmox, Dell Precision Xeon-W2155 Nvme 500GB-ZFS 128GB-RAM PCIe-Intel i350-t4, Intel QAT-8950, P-cloud.

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.