WAN offline after reboot from local power outage

vmsadmin

I am running pfsense as a VM on VMWare ESXI. It has a static IP address. It's been working fine for over a year. However, all physical servers and VMs were rebooted after a local power failure over the weekend. I managed to get our entire infrastructure back up without any problems. Only the pfsense VM is giving me trouble. Now it suddenly cannot ping the default gateway. We Managed Network Edge by Spectrum which uses Cisco Miraki switches and routers. No settings have been altered in the pfsense VM or network routing. The proper ports are all open. Everything looks to be fine. The gateway is obviously functioning and can be pinged or none of our systems would have internet access. I'm at a complete loss as to what can be causing this. I've rebooted the VM, I've tried changing the IP monitor to both Spectrum and Google's DNS servers, I've tried switching from static to DHCP, and nothing works.

This pfsense VM serves only one purpose for us and it's a critical one. It's used for OpenVPN service to allow offsite work. Right now, that ability is not possible until this is resolved. Any help would be greatly appreciated.

Gertjan

@vmsadmin

The WAN interface is using DHCP ?
If so : can you access the device that gives pfSense the DHCP lease ? Can you see the lease request coming in ? The lease being granted ? etc.

vmsadmin

@Gertjan It is currently set up as a fixed address within pfsense. I had temporarily changed it to DHCP and restarted the system to see if something like the Miraki firewall was giving it its IP address but that doesn't seem to be the case. When I had done that, it got a random IP4 DHCP address and still no access to the gateway. The default gateway's IP address comes from Spectrum, I believe.

stephenw10

@vmsadmin said in WAN offline after reboot from local power outage:

The gateway is obviously functioning and can be pinged or none of our systems would have internet access.

So other hosts on the LAN side of the pfSense VM can connect out through pfSense?

The gateway might not necessarily respond to ping even if it's routing traffic correctly.

Do you have the default gateway set to WANGW specifically? Since you also have a LAN side gateway that might be selected if it's set to automatic.

vmsadmin

@stephenw10 Nothing on the LAN connects to anything through pfsense. LAN hosts typically use the LAN gateway to get to the outside. The pfsense firewall is used strictly for VPN connections coming from outside to our LAN. But all hosts on our LAN can ping the WANGW gateway at xx.xxx.xxx.113.

However, from the pfsense VM, the private IP addresses on our LAN can be pinged including its own static address at xx.xxx.xxx.118 but it cannot ping the WANGW at xx.xxx.xxx.113. It cannot ping anything from the outside world. I've tried pinging a few common websites as well.

I'm at a loss as to what could cause this. It's clear that the power failure and rebooting of all systems caused some kind of issue. As I said, none of the configurations in pfsense have changed. Nor has anything in the Miraki or LAN configurations. Nothing manually changed, anyway. And as I pointed out, all other systems are full go without issues. Just this one VM and whatever the cause is, it's nothing obvious.

stephenw10

@vmsadmin said in WAN offline after reboot from local power outage:

However, from the pfsense VM, the private IP addresses on our LAN can be pinged including its own static address at xx.xxx.xxx.118

You mean xx.xxx.xxx.118 as the source? Since your LAN side seems to be using 10.1.X.X?

This looks like some low level disconnection. If you try to ping xx.xxx.xxx.118 from the other router and run a pcap on the pfSense WAN do you see anything ariving at all?