Always Wan-ip but gateway is 100% packet loss
-
Hello.
I will try again at my problem that Im having.
My internet is from Servanet and Inleed (both Swedish companies), so I have a media converter for incomming fiber where I plugin my networkcabel in port 1 to get Internet. I have had this configuration a long time so there is no problem here. I have had a Asus RT-AX88U and this works and also if I plug my networkcabel into a computer it also works. So no problem here.I install Pfsense on a Intel i3 with 4x Intel i225V and installation works perfect but here its starts to be a problem.
I have followed Nguvu.org, other guides on youtube (NetworkChuck, Lawrence Systems and others), just the simple basic to eliminate sources of errors. No vlans or no vpn, just simple basic router with firewall.I follow the wizard and reboots, sometimes I have Internet connection via Pfsense (can ping, dns lookup etc via pfsense) and sometimes I do not.
Because of my problems I always start with a fresh install just to eliminate sources of errors.My ip from ISP starts with 192.121.xxx.xxx
I have tried with unchecking both "Block private networks and loopback adresses" and "Block bogon networks".
Tried with Outbound NAT Mode (Automatic and manual).The very strange part is that I can reboot Pfsense from not having connection (100% packet loss) and not changing a thing to having connection. I can surf and do anything, dns lookup via pfsense and so on.
But if I reboot again, without changing anything, I dont have connection. Then I reboot again and its back up again. If I have connection and I remove networkcabel from pfsense from Wan, wait 20 seconds and the replug it I get a ip-adress but 100% packet loss.
Strange, yes for me it is.I ALWAYS recieve an Ip-adress even when I have 100% packet loss.
I also recieve the same ip-adress for my pfsense.
I have called my ISP and they dont se anything strange from their side, and since I can use my other router I think the problem is a setting or something (hardware) thats faulty.Please tell me what do you need from me in form of logs to help me remedy my situation?
-
I'm assuming you mean showing 100% loss on the Gateways shown on the dashboard?
can you ping the address you are monitoring?
both from the netgate and from a connected client.trace route to that (monitor) IP
what does that all look like?
-
@jrey thanks for responding.
This is what it looks like.
If I ping from my computer I get "Request timed out".
-
@jrey here are som logs from General and DHCP
-
so if you can't ping that address from anything, you should not expect it to report anything except 100% down.
I'm assuming that is your gateway address or something else inside your ISP that doesn't respond to pings. (you could have setup a rule to block it as well)
do a trace route to 1.1.1.1 or 8.8.8.8 and pick a monitor address outside the 192.121.. space. Assuming a trace to either of those works.
if the trace to those works, then try this
On the System / Routing / Gateways (EDIT)
again set the monitor IP 1 hop on the outside of your ISP's 192.121 space (or pick 1.1.1.1 or 8.8.8.8 or something else that works well from your location)See if that changes the results
-
@jrey
Tried 1.1.1.1 and 8.8.8.8
My rules in WAN and LAN, got nothing in Floating.
-
What is that last rule on the WAN for ? That doesn't look like a stock rule ;-) Why is it there? Something you added? what is the expectation with that rule?
sometimes I have Internet connection via Pfsense (can ping, dns lookup etc via pfsense) and sometimes I do not.
so your client systems connected to the netgate are able to browse the internet? Seems unlikely,
-
@jrey said in Always Wan-ip but gateway is 100% packet loss:
What is that last rule on the WAN for ? That doesn't look like a stock rule ;-) Why is it there? Something you added? what is the expectation with that rule?
Last rule was just something a friend told me to add but it didnt do anything....
so your client systems connected to the netgate are able to browse the internet? Seems unlikely,
Well that is why Im seeking help. Im lost!
Yes I can sometimes when the gateway isnt 100% packet loss I can browse the internet etc until a reboot or disconnect the wan networkcabel then its 100% packet loss and then I have to reboot. But a reboot only works sometimes to correct the issue. Wouldnt say if it wasnt so! =) -
@AcidSleeper said in Always Wan-ip but gateway is 100% packet loss:
just out of curiosity what version of pfSense are you running?
but it didnt do anything
the rule, take it out.
--
so I have a media converter for incomming fiber where I plugin my networkcabel in port 1 to get Internet.
what exactly is this device?
--
I setup this test on a completely internal system, maybe you can map the IP addresses as a comparison to your setup
my DHCP assigned (is displayed in reverse order, but the results seem similar, except of course for the IP addresses)
the setup
and then only the two options at the bottom of the same screen checked,
Block private networks and Block logon networks ( both checked)The gateway is like this
for the monitor IP, in this sample I just picked another address in the external subnet 192.168.0. (ie I am simulating another pingable address as if I am my own ISP) (8.8.8.8) works equally well here as this test system has full access to the internet even though it is behind another pfSense box.
Dashboard looks like this
or if I change the monitor IP to something else outside, like 8.8.8.8 it look like this
There is really not a lot to configure. My WAN in this test was assigned 192.168.0.83 the gateway was assigned 192.168.0.1
the internal network on this test system is 10.168.1/24Trace Hop 1 the gateway as assigned by DHCP, hop 2 the second pf box (gateway/ISP, hop 3 the ISP
and from a client machine 10.168.1.5 on the the test network
-
Sorry for the late respons. A huge man-cold and me in bed for a couple of days.
@jrey said in Always Wan-ip but gateway is 100% packet loss:
just out of curiosity what version of pfSense are you running?
PfSense 2.7.1
the rule, take it out.
Removed the rule on wan.
what exactly is this device?
It is an Inteno XG6846. Its a mediaconverter for internet / telephone / TV.
And yes I am using the right port on it! =)
Been using it since 2009 and it work with a computer directly connected to it and also work with and asus router connected to it.
Correct? Have been using this all the time.Gateway:
Sorry but still the same: 100% packet loss.
WAN-rules: removed the rules you said.
Still the same. No connection.
-
DHCP-log
Dec 1 12:18:23 dpinger 87081 send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% alarm_hold 10000ms dest_addr 192.121.XXX.1 bind_addr 192.121.XXX.95 identifier "WAN_DHCP " Dec 1 12:18:24 dpinger 87081 exiting on signal 15 Dec 1 12:18:24 dpinger 30076 send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% alarm_hold 10000ms dest_addr 192.121.XXX.1 bind_addr 192.121.XXX.95 identifier "WAN_DHCP " Dec 1 12:20:34 dpinger 30076 WAN_DHCP 192.121.XXX.1: sendto error: 65 Dec 1 12:20:35 dpinger 30076 WAN_DHCP 192.121.XXX.1: sendto error: 65 Dec 1 12:20:36 dpinger 30076 exiting on signal 15 Dec 1 13:20:36 dpinger 48663 send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% alarm_hold 10000ms dest_addr 192.121.XXX.1 bind_addr 192.121.XXX.95 identifier "WAN_DHCP " Dec 1 13:20:38 dpinger 48663 WAN_DHCP 192.121.XXX.1: Alarm latency 0us stddev 0us loss 100% Dec 1 13:20:43 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:43 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:44 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:44 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:45 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:45 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:46 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:46 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:47 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:47 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:48 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:48 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:49 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:49 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:50 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:50 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:51 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:52 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:52 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:53 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:53 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:54 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:54 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:55 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:55 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:56 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:56 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:57 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:57 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:58 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:58 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:59 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:20:59 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:00 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:01 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:01 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:02 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:02 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:03 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:03 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:04 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:04 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:05 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:05 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:06 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:06 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:07 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:07 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:08 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:08 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:09 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:09 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:10 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:11 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:11 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:12 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:12 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:13 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:13 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:14 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:14 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:15 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:15 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:16 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:16 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:17 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:17 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:18 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:18 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:19 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:19 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:20 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:20 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:21 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:22 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:22 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:23 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 64 Dec 1 13:21:23 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 65 Dec 1 13:21:24 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 65 Dec 1 13:21:24 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 65 Dec 1 13:21:25 dpinger 48663 WAN_DHCP 192.121.XXX.1: sendto error: 65 Dec 1 13:21:25 dpinger 48663 exiting on signal 15 Dec 1 13:21:26 dpinger 71796 send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% alarm_hold 10000ms dest_addr 192.121.XXX.1 bind_addr 192.121.XXX.95 identifier "WAN_DHCP " Dec 1 13:21:27 dpinger 71796 exiting on signal 15 Dec 1 13:21:27 dpinger 77839 send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% alarm_hold 10000ms dest_addr 192.121.XXX.1 bind_addr 192.121.XXX.95 identifier "WAN_DHCP " Dec 1 13:21:29 dpinger 77839 WAN_DHCP 192.121.XXX.1: Alarm latency 0us stddev 0us loss 100% Dec 1 13:21:54 dpinger 77839 exiting on signal 15 Dec 1 13:21:54 dpinger 99011 send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% alarm_hold 10000ms dest_addr 192.121.XXX.1 bind_addr 192.121.XXX.95 identifier "WAN_DHCP " Dec 1 13:21:56 dpinger 99011 WAN_DHCP 192.121.XXX.1: Alarm latency 0us stddev 0us loss 100% Dec 1 13:22:12 dpinger 99011 exiting on signal 15 Dec 1 13:22:12 dpinger 12629 send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% alarm_hold 10000ms dest_addr 8.8.8.8 bind_addr 192.121.XXX.95 identifier "WAN_DHCP " Dec 1 13:22:14 dpinger 12629 WAN_DHCP 8.8.8.8: Alarm latency 0us stddev 0us loss 100% Dec 1 13:30:59 dpinger 80083 send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% alarm_hold 10000ms dest_addr 8.8.8.8 bind_addr 192.121.XXX.95 identifier "WAN_DHCP " Dec 1 13:30:59 dpinger 80083 exiting on signal 15 Dec 1 13:30:59 dpinger 11554 send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% alarm_hold 10000ms dest_addr 8.8.8.8 bind_addr 192.121.XXX.95 identifier "WAN_DHCP " Dec 1 13:31:02 dpinger 11554 WAN_DHCP 8.8.8.8: Alarm latency 7373us stddev 0us loss 66% Dec 1 13:51:40 dpinger 84006 send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% alarm_hold 10000ms dest_addr 8.8.8.8 bind_addr 192.121.XXX.95 identifier "WAN_DHCP " Dec 1 13:51:40 dpinger 84006 exiting on signal 15 Dec 1 13:51:40 dpinger 5873 send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% alarm_hold 10000ms dest_addr 8.8.8.8 bind_addr 192.121.XXX.95 identifier "WAN_DHCP " Dec 1 13:51:42 dpinger 5873 WAN_DHCP 8.8.8.8: Alarm latency 0us stddev 0us loss 100% Dec 1 14:18:08 dpinger 5873 exiting on signal 15 Dec 1 14:18:08 dpinger 54143 send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% alarm_hold 10000ms dest_addr 8.8.8.8 bind_addr 192.121.XXX.95 identifier "WAN_DHCP " Dec 1 14:18:10 dpinger 54143 WAN_DHCP 8.8.8.8: Alarm latency 0us stddev 0us loss 100% -
This is my Firewall log:
Dec 1 12:18:26 WAN Default deny rule IPv4 (1000000103) 46.101.127.0:53 192.121.XXX.95:53 UDP Dec 1 12:18:35 WAN Default deny rule IPv4 (1000000103) 104.244.73.202:4445 192.121.XXX.95:135 TCP:S Dec 1 12:18:47 WAN Default deny rule IPv4 (1000000103) 77.90.185.66:51273 192.121.XXX.95:14288 TCP:S Dec 1 12:18:50 WAN Default deny rule IPv4 (1000000103) 162.142.125.242:62339 192.121.XXX.95:13757 TCP:S Dec 1 12:18:50 LAN Default deny rule IPv6 (1000000105) [fe80::e438:73b2:3382:dba9]:50569 [fec0:0:0:ffff::3]:53 UDP Dec 1 12:18:51 LAN Default deny rule IPv6 (1000000105) [fe80::e438:73b2:3382:dba9]:50569 [fec0:0:0:ffff::2]:53 UDP Dec 1 12:18:53 LAN Default deny rule IPv6 (1000000105) [fe80::e438:73b2:3382:dba9]:50569 [fec0:0:0:ffff::1]:53 UDP Dec 1 12:18:54 WAN Default deny rule IPv4 (1000000103) 64.62.197.118:55511 192.121.XXX.95:89 TCP:S Dec 1 12:18:54 WAN Default deny rule IPv4 (1000000103) 162.216.150.237:50840 192.121.XXX.95:36168 TCP:S Dec 1 12:19:03 WAN Default deny rule IPv4 (1000000103) 80.94.95.225:59510 192.121.XXX.95:37505 TCP:S Dec 1 12:19:35 WAN Default deny rule IPv4 (1000000103) 36.11.36.100:41852 192.121.XXX.95:60023 TCP:S Dec 1 12:19:41 WAN Default deny rule IPv4 (1000000103) 77.90.185.182:54815 192.121.XXX.95:38631 TCP:S Dec 1 12:19:43 WAN Default deny rule IPv4 (1000000103) 185.200.118.46:37660 192.121.XXX.95:443 UDP Dec 1 12:19:43 WAN (12006) 10.255.13.195 224.0.0.1 IGMP Dec 1 12:19:53 WAN Default deny rule IPv4 (1000000103) 162.216.150.225:55884 192.121.XXX.95:5384 TCP:S Dec 1 12:19:58 WAN Default deny rule IPv4 (1000000103) 162.216.150.52:52792 192.121.XXX.95:31852 TCP:S Dec 1 12:19:59 WAN Default deny rule IPv4 (1000000103) 162.216.150.115:53927 192.121.XXX.95:48759 TCP:S Dec 1 12:20:21 WAN Default deny rule IPv4 (1000000103) 210.245.120.108:54801 192.121.XXX.95:59739 TCP:S Dec 1 12:20:29 WAN Default deny rule IPv4 (1000000103) 162.142.125.246:2059 192.121.XXX.95:2022 TCP:S Dec 1 12:20:30 WAN Default deny rule IPv4 (1000000103) 167.94.138.149:23612 192.121.XXX.95:38183 TCP:S Dec 1 13:32:14 WAN (12006) 10.255.13.195 224.0.0.1 IGMP Dec 1 13:34:19 WAN Block private networks from WAN block 10/8 (12001) 10.255.13.195 224.0.0.1 IGMP Dec 1 13:44:44 WAN Block private networks from WAN block 10/8 (12001) 10.255.13.195 224.0.0.1 IGMP Dec 1 13:46:49 WAN Block private networks from WAN block 10/8 (12001) 10.255.13.195 224.0.0.1 IGMP Dec 1 13:48:54 WAN Block private networks from WAN block 10/8 (12001) 10.255.13.195 224.0.0.1 IGMP Dec 1 13:53:04 WAN (12006) 10.255.13.195 224.0.0.1 IGMP Dec 1 13:55:09 WAN Block private networks from WAN block 10/8 (12001) 10.255.13.195 224.0.0.1 IGMP Dec 1 13:57:14 WAN Block private networks from WAN block 10/8 (12001) 10.255.13.195 224.0.0.1 IGMP Dec 1 13:59:19 WAN Block private networks from WAN block 10/8 (12001) 10.255.13.195 224.0.0.1 IGMP Dec 1 14:01:25 WAN Block private networks from WAN block 10/8 (12001) 10.255.13.195 224.0.0.1 IGMP Dec 1 14:03:30 WAN Block private networks from WAN block 10/8 (12001) 10.255.13.195 224.0.0.1 IGMP Dec 1 14:05:34 WAN Block private networks from WAN block 10/8 (12001) 10.255.13.195 224.0.0.1 IGMP Dec 1 14:07:39 WAN Block private networks from WAN block 10/8 (12001) 10.255.13.195 224.0.0.1 IGMP Dec 1 14:09:44 WAN Block private networks from WAN block 10/8 (12001) 10.255.13.195 224.0.0.1 IGMP Dec 1 14:22:14 WAN Block private networks from WAN block 10/8 (12001) 10.255.13.195 224.0.0.1 IGMP Dec 1 14:30:34 WAN Block private networks from WAN block 10/8 (12001) 10.255.13.195 224.0.0.1 IGMP -
@AcidSleeper said in Always Wan-ip but gateway is 100% packet loss:
and it work with a computer directly connected to it and also work with and asus router connected to it.
so when either of these devices are connected to it, what IP's are they assigned?
the ISP is giving you a DHCP address (right?) (Random or Static?), but the result of the setting are apparently different when pfSense is assigned vs. what the computer or Asus.
Compare them?(are they requiring a specific MAC address?)
Does the ISP also provide you IPV6 ? that shows as pending in your screen shot above.
if they do not provide IPv6 (might not be a bad, test anyway)
also clients going through the netgate are able browse internet?
Diagnostics -> Routes
The ISP assigned IP and gateway listed?
generally does it show all the IP addresses you expect ? -
@jrey said in Always Wan-ip but gateway is 100% packet loss:
so when either of these devices are connected to it, what IP's are they assigned?
My computer and Asus router are assigned diffrent ip-adresses.
the ISP is giving you a DHCP address (right?) (Random or Static?), but the result of the setting are apparently different when pfSense is assigned vs. what the computer or Asus.
Compare them?Yes, DHCP and Random. Cant find any differences. I have assigned another dns-server in ASUS-router like I do here in pfsense. other then that I dont know.
(are they requiring a specific MAC address?)
No.
Does the ISP also provide you IPV6 ? that shows as pending in your screen shot above.
if they do not provide IPv6 (might not be a bad, test anyway)They dont and I have that removed in the last screenshot.
also clients going through the netgate are able browse internet?
Think you misunderstood me here. I cant access the internet when gateway is 100% packet loss. It is when gateway is Online I can surf etc.
-
Diagnostics -> Routes
The ISP assigned IP and gateway listed?
generally does it show all the IP addresses you expect ?
-
Here I did a Status - Interfaces: Release Wan and the checkbox with Relinquish Lease Checked.
Then I in Command Promt I wrote: "ifconfig igc0 down" waited lets say 20seconds and then typed "ifconfig igc0 up"I had internet, gateway was online. But when I rebooted the result was 100% packet loss.
Dec 1 14:42:21 php-fpm 399 /status_interfaces.php: The command '/usr/local/sbin/dhclient {$ipv} -d -r -lf '/var/db/dhclient.leases.igc0' -cf '/var/etc/dhclient_wan.conf' -sf '/usr/local/sbin/pfSense-dhclient-script'' returned exit code '1', the output was 'Internet Systems Consortium DHCP Client 4.4.3-P1 Copyright 2004-2022 Internet Systems Consortium. All rights reserved. For info, please visit https://www.isc.org/software/dhcp/ /var/db/dhclient.leases.igc0 line 4: expecting lease declaration. next-server ^ /var/db/dhclient.leases.igc0 line 5: expecting semicolon. option ^ /var/db/dhclient.leases.igc0 line 18: expecting lease declaration. next-server ^ /var/db/dhclient.leases.igc0 line 19: expecting semicolon. option ^ Listening on BPF/igc0/60:be:b4:02:e3:42 Sending on BPF/igc0/60:be:b4:02:e3:42 Can't attach interface {} to bpf device /dev/bpf0: Device not configured If you think you have received this message due to a bug rather than a configuration issue please read the section on submitting bugs on either our web page at www.isc.org or in the README file before submitting a bug. These pages explain the proper process and the information we find helpful for debugging. exiting.' Dec 1 14:42:24 php-fpm 399 /status_interfaces.php: Resyncing OpenVPN instances for interface WAN. Dec 1 14:42:24 check_reload_status 439 Reloading filter Dec 1 14:42:24 php-fpm 399 /status_interfaces.php: Gateway, none 'available' for inet, use the first one configured. 'WAN_DHCP' Dec 1 14:42:24 php-fpm 399 /status_interfaces.php: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.*PROTO.*>'' returned exit code '1', the output was '' Dec 1 14:42:24 check_reload_status 439 Starting packages Dec 1 14:42:25 php-fpm 43555 /rc.start_packages: Restarting/Starting all packages. Dec 1 14:43:43 kernel igc0: link state changed to DOWN Dec 1 14:43:43 check_reload_status 439 Linkup starting igc0 Dec 1 14:43:44 php-fpm 43555 /rc.linkup: Hotplug event detected for WAN(wan) dynamic IP address (4: dhcp) Dec 1 14:43:44 php-fpm 43555 /rc.linkup: DEVD Ethernet detached event for wan Dec 1 14:43:44 check_reload_status 439 Reloading filter Dec 1 14:43:44 rc.gateway_alarm 6428 >>> Gateway alarm: WAN_DHCP (Addr:192.121.XXX.1 Alarm:down RTT:0ms RTTsd:0ms Loss:100%) Dec 1 14:43:44 check_reload_status 439 updating dyndns WAN_DHCP Dec 1 14:43:44 check_reload_status 439 Restarting IPsec tunnels Dec 1 14:43:44 check_reload_status 439 Restarting OpenVPN tunnels/interfaces Dec 1 14:43:44 check_reload_status 439 Reloading filter Dec 1 14:43:45 php-fpm 400 /rc.openvpn: Gateway, none 'available' for inet, use the first one configured. 'WAN_DHCP' Dec 1 14:43:45 php-fpm 400 /rc.openvpn: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.*PROTO.*>'' returned exit code '1', the output was '' Dec 1 14:43:47 check_reload_status 439 Linkup starting igc0 Dec 1 14:43:47 kernel igc0: link state changed to UP Dec 1 14:43:48 php-fpm 400 /rc.linkup: Hotplug event detected for WAN(wan) dynamic IP address (4: dhcp) Dec 1 14:43:48 php-fpm 400 /rc.linkup: DEVD Ethernet attached event for wan Dec 1 14:43:48 php-fpm 400 /rc.linkup: HOTPLUG: Configuring interface wan Dec 1 14:43:48 check_reload_status 439 rc.newwanip starting igc0 Dec 1 14:43:48 php-fpm 400 /rc.linkup: Gateway, none 'available' for inet, use the first one configured. 'WAN_DHCP' Dec 1 14:43:48 php-fpm 400 /rc.linkup: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.*PROTO.*>'' returned exit code '1', the output was '' Dec 1 14:43:48 check_reload_status 439 Restarting IPsec tunnels Dec 1 14:43:48 check_reload_status 439 updating dyndns wan Dec 1 14:43:48 check_reload_status 439 Reloading filter Dec 1 14:43:49 php-fpm 399 /rc.newwanip: rc.newwanip: Info: starting on igc0. Dec 1 14:43:49 php-fpm 399 /rc.newwanip: rc.newwanip: on (IP address: 192.121.XXX.95) (interface: WAN[wan]) (real interface: igc0). Dec 1 14:43:50 php-fpm 399 /rc.newwanip: Removing static route for monitor 8.8.8.8 and adding a new route through 192.121.XXX.1 Dec 1 14:43:50 php-fpm 399 /rc.newwanip: Gateway, NONE AVAILABLE Dec 1 14:43:50 php-fpm 399 /rc.newwanip: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.*PROTO.*>'' returned exit code '1', the output was '' Dec 1 14:43:50 php-fpm 399 /rc.newwanip: IP Address has changed, killing states on former IP Address 0.0.0.0. Dec 1 14:43:50 php-fpm 399 /rc.newwanip: Resyncing OpenVPN instances for interface WAN. Dec 1 14:43:50 php-fpm 399 /rc.newwanip: Creating rrd update script Dec 1 14:43:52 php-fpm 399 /rc.newwanip: pfSense package system has detected an IP change or dynamic WAN reconnection - 0.0.0.0 -> 192.121.XXX.95 - Restarting packages. Dec 1 14:43:52 check_reload_status 439 Starting packages Dec 1 14:43:52 check_reload_status 439 Reloading filter Dec 1 14:43:54 php-fpm 400 /rc.start_packages: Restarting/Starting all packages. Dec 1 14:44:48 php-fpm 43555 /diag_reboot.php: Stopping all packages. Dec 1 14:44:51 reboot 10265 rebooted by root Dec 1 14:44:51 syslogd exiting on signal 15 Dec 1 14:45:34 syslogd kernel boot file is /boot/kernel/kernel Dec 1 14:45:34 kernel ---<<BOOT>>--- Dec 1 14:45:34 kernel igc0: <Intel(R) Ethernet Controller I225-V> mem 0x50a00000-0x50afffff,0x50b00000-0x50b03fff at device 0.0 on pci2 Dec 1 14:45:34 kernel igc0: Using 1024 TX descriptors and 1024 RX descriptors Dec 1 14:45:34 kernel igc0: Using 2 RX queues 2 TX queues Dec 1 14:45:34 kernel igc0: Using MSI-X interrupts with 3 vectors Dec 1 14:45:34 kernel igc0: Ethernet address: 60:be:b4:02:e3:42 Dec 1 14:45:34 kernel igc0: netmap queues/slots: TX 2/1024, RX 2/1024 Dec 1 14:45:34 kernel igc1: <Intel(R) Ethernet Controller I225-V> mem 0x50800000-0x508fffff,0x50900000-0x50903fff at device 0.0 on pci3 Dec 1 14:45:34 kernel igc1: Using 1024 TX descriptors and 1024 RX descriptors Dec 1 14:45:34 kernel igc1: Using 2 RX queues 2 TX queues Dec 1 14:45:34 kernel igc1: Using MSI-X interrupts with 3 vectors Dec 1 14:45:34 kernel igc1: Ethernet address: 60:be:b4:02:e3:43 Dec 1 14:45:34 kernel igc1: netmap queues/slots: TX 2/1024, RX 2/1024 Dec 1 14:45:34 kernel igc2: <Intel(R) Ethernet Controller I225-V> mem 0x50600000-0x506fffff,0x50700000-0x50703fff at device 0.0 on pci4 Dec 1 14:45:34 kernel igc2: Using 1024 TX descriptors and 1024 RX descriptors Dec 1 14:45:34 kernel igc2: Using 2 RX queues 2 TX queues Dec 1 14:45:34 kernel igc2: Using MSI-X interrupts with 3 vectors Dec 1 14:45:34 kernel igc2: Ethernet address: 60:be:b4:02:e3:44 Dec 1 14:45:34 kernel igc2: netmap queues/slots: TX 2/1024, RX 2/1024 Dec 1 14:45:34 kernel igc3: <Intel(R) Ethernet Controller I225-V> mem 0x50400000-0x504fffff,0x50500000-0x50503fff at device 0.0 on pci5 Dec 1 14:45:34 kernel igc3: Using 1024 TX descriptors and 1024 RX descriptors Dec 1 14:45:34 kernel igc3: Using 2 RX queues 2 TX queues Dec 1 14:45:34 kernel igc3: Using MSI-X interrupts with 3 vectors Dec 1 14:45:34 kernel igc3: Ethernet address: 60:be:b4:02:e3:45 Dec 1 14:45:34 kernel igc3: netmap queues/slots: TX 2/1024, RX 2/1024 Dec 1 14:45:34 kernel lo0: link state changed to UP Dec 1 14:45:38 check_reload_status 439 Linkup starting igc0 Dec 1 14:45:38 kernel igc0: link state changed to UP Dec 1 14:45:38 check_reload_status 439 rc.newwanip starting igc0 Dec 1 14:45:38 php-cgi 474 rc.bootup: Resyncing OpenVPN instances. Dec 1 14:45:39 kernel pflog0: promiscuous mode enabled Dec 1 14:45:39 php-cgi 474 rc.bootup: Removing static route for monitor 8.8.8.8 and adding a new route through 192.121.XXX.1 Dec 1 14:45:39 kernel .done. Dec 1 14:45:39 kernel done. Dec 1 14:45:39 php-cgi 474 rc.bootup: Gateway, NONE AVAILABLE Dec 1 14:45:39 php-cgi 474 rc.bootup: Default gateway setting Interface WAN_DHCP Gateway as default. Dec 1 14:45:39 php-cgi 474 rc.bootup: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.*PROTO.*>'' returned exit code '1', the output was '' Dec 1 14:45:39 php-fpm 399 /rc.newwanip: rc.newwanip: Info: starting on igc0. Dec 1 14:45:39 kernel done. Dec 1 14:45:39 php-fpm 399 /rc.newwanip: rc.newwanip: on (IP address: 192.121.XXX.95) (interface: WAN[wan]) (real interface: igc0). Dec 1 14:45:39 php-fpm 399 /rc.newwanip: Removing static route for monitor 8.8.8.8 and adding a new route through 192.121.XXX.1 Dec 1 14:45:39 php-cgi 474 rc.bootup: sync unbound done. Dec 1 14:45:39 kernel done. Dec 1 14:45:39 kernel done. Dec 1 14:45:42 rc.gateway_alarm 86534 >>> Gateway alarm: WAN_DHCP (Addr:8.8.8.8 Alarm:1 RTT:7.380ms RTTsd:0ms Loss:50%) Dec 1 14:45:42 check_reload_status 439 updating dyndns WAN_DHCP Dec 1 14:45:42 check_reload_status 439 Restarting IPsec tunnels Dec 1 14:45:42 check_reload_status 439 Restarting OpenVPN tunnels/interfaces Dec 1 14:45:42 check_reload_status 439 Reloading filter Dec 1 14:45:43 check_reload_status 439 Linkup starting igc1 Dec 1 14:45:43 kernel igc1: link state changed to UP Dec 1 14:45:44 php-fpm 400 /rc.linkup: Ignoring link event during boot sequence. Dec 1 14:46:10 php-cgi 474 rc.bootup: NTPD is starting up. Dec 1 14:46:10 kernel done. Dec 1 14:46:11 kernel done. Dec 1 14:46:11 check_reload_status 439 Updating all dyndns Dec 1 14:46:11 php-cgi 474 rc.bootup: The command '/usr/local/sbin/strongswanrc stop' returned exit code '1', the output was 'strongswan not running? (check /var/run/daemon-charon.pid).' Dec 1 14:46:11 kernel .done. Dec 1 14:46:17 php-fpm 400 /rc.start_packages: Restarting/Starting all packages. Dec 1 14:46:17 root 96391 Bootup complete -
The answer has to be right there, but I'm not spotting it.
Reviewing everything you have provided, and just noticed another rule, that is not out of box on the LAN tab. for the IPv4 you have * (any) for source, out of box this would be "LAN subnets" like the IPv6 rule below it. Should not make a difference (but I didn't test it) so more just an observation at this point.
as it sits right now, your WAN IP is 192.121.xx.95 and the gateway should be 192.121.x.1
from the Diagnostics / Ping page can you ping both of those and get a response?
-
@jrey I change the rule as you requested.
I will try and ping theese ip tomorrow. The whole family is using the Internet as the Asus-router is plugged in the Wan-port of the mediaconverter right now.
I will return tomorrow! Thanks for all the troubleshooting so far!
-
Of course - no problem.
What other packages if any do you have installed and running?
After a reboot any services showing as not running?
-
My test machine is a virtual, so I can virtually mess with it.
so the system is currently running and an I disconnect the WAN Cable.
Note the system does not say OffLine -- the gateway just goes Pending and Unknown -what I'd expect ..
The interface is autoselect. (should be)
virtually plug it back in and it instantly negotiates the connection.
are you using the same cable when going from
mc <-> asus
as you do when going from
mc <-> pf
if it is the same cable that's fine, but if different (and even if not) are you getting the same negotiated speed/duplex on both devices (asus and pf)
do you need to restart the MC (or should you?) or just swapping the cable?curiosity questions
