opt cannot going to internet
-
Hello, There.
I was a little confused it's about the rule on the opt interface. I have created a rule that
and the firewall log said the packet passed
So now, I cannot ping 8.8.8.8 what is wrong?
How can I troubleshoot the problem? If this problem is clear I will set the rule to the internet later.
Any ideas, please let me know.
Thank you.
-
@dimsum why would you be using 172.1.1.1 ? That is public space..
CIDR: 172.0.0.0/12
OrgName: AT&T Corp.I mean it should still nat to what your public IP is.. But it would be a horrible choice to use locally.. And .1 is an odd IP for a client as well, since .1 and .254 are normally used as gateways.
With those 2 oddities, I would say you got something else going on..
-
Have you created any other rules outside of the DNS? Is your resolver doing the DNS or something else like Unbound?
You might need to set unbound to also resolve for your new interface..
Do you also use access control lists on unbound?
-
@dimsum I missed about rfc1918. so now I have reconfigured opt to 172.16.100.0/24 but when I test ping I have a reply message from my LAN GW.
This's my opt settings
Routing
Thanks!
-
@johnpoz Thanks for your help. I have allowed my opt interface already.
-
@dimsum what is this 192.168.10.254? You show that the IP address is 172.168.100.254 on pfsense.. Is that your upstream of pfsense, so your double natting?
Does pfsense lan work?
-
@dimsum I have rechecked my LAN the gateway is set to 192.168.10.254 and now I setting it to none. LAN is working and can connect to the internet.
when I ping 1.1.1.1 it does work
firewall log
tracert 1.1.1.1
firewall role
-
@dimsum said in opt cannot going to internet:
when I ping 1.1.1.1 it does work
No it doesn't - you are showing timeout - that is not working.
These are working examples
timeouts and ttl expired and nothing past hop 1 is not working anything.. So even your lan doesn't work??
Can pfsense itself even ping anything?
