New pfsense Install - No Internet for Connected Devices
-
@empty_infinity The default configuration is to allow all on LAN and so would allow the outbound connection. What exactly is not working on the client device? DNS, ping by IP, traceroute…? IPv4 or IPv6?
https://docs.netgate.com/pfsense/en/latest/troubleshooting/connectivity.html
Try to avoid (software) bridging if possible, as a (hardware) switch is better at it.
-
Mmm, by default I would expect that to work.
Is that actually using the LAN interface? It has the two default firewall rules on it?
Do you see traffic blocked in the firewall log?
Do you see more than one gateway in System > Routing > Gateways?
-
@empty_infinity said in New pfsense Install - No Internet for Connected Devices:
despite receiving an IP address...
You checked that ?
For example, on a "Windows" device :ipconfig /allThe least important thing shown is : the IP. It must be in the pfSense DHCP pool of course.
More important the network : must be 255.255.255.0 ( or /24 )
Also very important : the gateway : does it have the LAN IP of pfSense ?
And of course : DNS : same thing as the gateway.On issue with any of the four will create problems, not just the "IP".
How did you set up your pfSense LAN : an IP like 192.168.1.1 - and the network has been set to /24 ( a /32 means : you asked for problems, you are served ^^ )
The perfect "IPv4 Upstream gateway" on a LAN interface is "None". Any other settings and ... well : problems have arrived.
@empty_infinity said in New pfsense Install - No Internet for Connected Devices:
Have deferred bridging these ports with the LAN for now, but plan to do this later.
Defer that to : indefinitely.
pfSense is a router, interfaces are not interconnected so you can can create something that looks like a switch.
You want a switch : do yourself a big favour : get a switch.
It can be done, true.@empty_infinity said in New pfsense Install - No Internet for Connected Devices:
The issue now is that downstream devices are not receiving an internet connection
Turn that question around :
Do they want an Internet access ?
Goto Diagnostics > Packet Capture
Select the LAN interface.
Hit Start.Do you see traffic coming in ? With what destination ?
-
@SteveITS said in New pfsense Install - No Internet for Connected Devices:
@empty_infinity The default configuration is to allow all on LAN and so would allow the outbound connection. What exactly is not working on the client device? DNS, ping by IP, traceroute…? IPv4 or IPv6?
https://docs.netgate.com/pfsense/en/latest/troubleshooting/connectivity.html
Try to avoid (software) bridging if possible, as a (hardware) switch is better at it.
Interestingly, one thing I’ve noticed in the client device is that the DNS is showing the IP address of the pfsense router, could this be contributing?
-
@empty_infinity said in New pfsense Install - No Internet for Connected Devices:
in the client device is that the DNS is showing the IP address of the pfsense router
That's default, DHCP on pfSense hands out the pfSense IP as the DNS server. You can test it via "nslookup pfsense.org" or other names.
You can test DNS on pfSense itself on the Diagnostics menu.
If DNS was not working but the connection was working, "ping 8.8.8.8" or other IPs would succeed.
-
@Gertjan said in New pfsense Install - No Internet for Connected Devices:
@empty_infinity said in New pfsense Install - No Internet for Connected Devices:
despite receiving an IP address...
You checked that ?
For example, on a "Windows" device :ipconfig /allThe least important thing shown is : the IP. It must be in the pfSense DHCP pool of course.
More important the network : must be 255.255.255.0 ( or /24 )
Also very important : the gateway : does it have the LAN IP of pfSense ?
And of course : DNS : same thing as the gateway.On issue with any of the four will create problems, not just the "IP".
How did you set up your pfSense LAN : an IP like 192.168.1.1 - and the network has been set to /24 ( a /32 means : you asked for problems, you are served ^^ )
The perfect "IPv4 Upstream gateway" on a LAN interface is "None". Any other settings and ... well : problems have arrived.
@empty_infinity said in New pfsense Install - No Internet for Connected Devices:
Have deferred bridging these ports with the LAN for now, but plan to do this later.
Defer that to : indefinitely.
pfSense is a router, interfaces are not interconnected so you can can create something that looks like a switch.
You want a switch : do yourself a big favour : get a switch.
It can be done, true.@empty_infinity said in New pfsense Install - No Internet for Connected Devices:
The issue now is that downstream devices are not receiving an internet connection
Turn that question around :
Do they want an Internet access ?
Goto Diagnostics > Packet Capture
Select the LAN interface.
Hit Start.Do you see traffic coming in ? With what destination ?
Ok so first a bit of context about my setup - I have plugged my pfsense box into my current router, and I have unblocked private IPs from WAN and set pfsense to use a different IP range (192.168.55.x) compared to my router (192.168.1.x). Set IP as /24. Did this so that I could play with this setup and configure the pfsense router before handing over management of my whole network to the pfsense box…
On client device I am getting the following:
IP: 192.168.55.10
Subnet: 255.255.255.0
DNS server: 192.168.55.1 (this is the static IP address i set on the LAN port of pfsense)The gateway in pfsense for me shows an IP address of 192.168.1.254, which is actually the IP address of the router I’ve plugged the pfsense box into.
I wonder if there is a problem with the DNS server address? Or the gateway?
-
When you say ping do you mean from the client device?
I had previously confirmed internet connectivity from the firewall itself by pinging 8.8.8.8 (under Diagnostics > Ping), and thought I had successfully checked DNS is working (successfully looked up pfsense.org under Diagnostics > DNS lookup.)
-
@empty_infinity If things work from pfSense then that's 98% of the way. Yes ping and traceroute from your client device. See if it's a DNS error or a connection error.
-
Yup, test both. Test using IPs and hostnames. More info will help you narrow down the issue.
-
@empty_infinity said in New pfsense Install - No Internet for Connected Devices:
IP: 192.168.55.10
Subnet: 255.255.255.0
DNS server: 192.168.55.1 (this is the static IP address i set on the LAN port of pfsense)And the gateway for this device ?
I should be, as the DNS : 192.168.55.1The pfSense LAN firewall rule is a generic pass all rule like the one you found when installing pfSense ?
