Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    HELP: CANNOT BROWSE AFTER INSTALLING PFSENSE

    Scheduled Pinned Locked Moved General pfSense Questions
    36 Posts 4 Posters 1.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      TheWall2
      last edited by TheWall2

      Hi everybody, I'm a newbie and have just installed pfSense on Virtualbox, where I have Kicksecure installed as well. I've followed exactly what's explained here:

      https://www.ceos3c.com/pfsense/install-pfsense-on-virtualbox/

      but, after changing the network adapter from NAT to intern in the VB Kicksecure settings, I cannot browse any websites.

      I had a look at firewall rules, there are some default ones and I really don't know what to do. Please explain with simple words, I've already tried to solve this issue by myself with the help of some Youtube videos but I wasn't able to.
      Thanks

      GertjanG stephenw10S 2 Replies Last reply Reply Quote 0
      • GertjanG
        Gertjan @TheWall2
        last edited by

        @TheWall2 said in HELP: CANNOT BROWSE AFTER INSTALLING PFSENSE:

        https://www.ceos3c.com/pfsense/install-pfsense-on-virtualbox/

        Be careful : things change. The guide you followed is from 2022.
        If you are aware off all the things that changed from then up until today, you might be able to follow such a guide.

        When you use a VM, you have to exactly match two complicated things.
        if these two are unknown to you, why not making live easier on yourself : first, make a VM work for you in its most simple setup : make a VM, put a Windows (or whatever you like to use) ISO in it, and set that up.
        pfSense : use a bare bone = dedicated hardware, an PC with one extra NIC will do just fine.
        Later on, you can start experimenting with VM that has "more then one" interface, and how to set up each interface, etc etc.

        @TheWall2 said in HELP: CANNOT BROWSE AFTER INSTALLING PFSENSE:

        I had a look at firewall rules, there are some default ones and I really don't know what to do

        Exact.
        A default pfSEnse has one WAN interface and one LAN interface with the correct firewall rules.
        Actually, pfSense is like any other router firewall out there : it works out of the box.

        Follow this guide : Virtualization

        edit : this one is already more recent - but I didn't check

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        1 Reply Last reply Reply Quote 0
        • stephenw10S
          stephenw10 Netgate Administrator @TheWall2
          last edited by

          @TheWall2 said in HELP: CANNOT BROWSE AFTER INSTALLING PFSENSE:

          after changing the network adapter from NAT to intern in the VB Kicksecure settings, I cannot browse any websites.

          Why did you do that? That's not a step in the guide.

          The pfSense VM WAN NIC has to be either bridged or NAT'd from the host to access anything external. If you set it to an internal network pfSense has no external route.

          T 1 Reply Last reply Reply Quote 0
          • T
            TheWall2 @stephenw10
            last edited by

            @stephenw10 I did that because I read it in another guide. Could you provide a link with detailed instructions on what to do? I'm not an expert and "bridged or NAT'd from the host" means nothing to me

            1 Reply Last reply Reply Quote 0
            • stephenw10S
              stephenw10 Netgate Administrator
              last edited by

              In the NAT setting there VirtualBox provides NAT, routing and DHCP as though it is a virtual router between that virtual NIC and the host physical NIC. That works in almost any situation.

              In the bridged setting it connects it dircetly to the host NIC as though it were a switch. That means that the Virtual NIC exists in the same subnet as the host. It will pull a DHCP lease from an external server etc.

              When you set it to one of the internal networks it's completely isolated from the host NIC so cannot connect to anything external.

              T 1 Reply Last reply Reply Quote 0
              • T
                TheWall2 @stephenw10
                last edited by

                @stephenw10 so what should I set exactly in VB or pfSense, in order to make my Kicksecure work with pfSense running? I've also entered pfSense admin panel at 192.168.1.1 but don't know what to do

                1 Reply Last reply Reply Quote 0
                • stephenw10S
                  stephenw10 Netgate Administrator
                  last edited by

                  I've never used Kicksecure, I'm not entirely sure what it is. Are you running that in a VM behind pfSense in VBox?

                  VBox has specific settings for it?

                  1 Reply Last reply Reply Quote 0
                  • stephenw10S
                    stephenw10 Netgate Administrator
                    last edited by

                    Oh wait I see, you changed the vitual NIC on the Kicksecure VM from NAT to internal?

                    That makes more sense, you would want to do that so traffic to/from it goes through pfSense.

                    That should work as long as your choose the same internal network the pfSense LAN NIC is set to.

                    You also need to make sure the pfSense LAN is not using the same subnet as anything else in your network. 192.168.1.X is common.

                    T 2 Replies Last reply Reply Quote 0
                    • T
                      TheWall2 @stephenw10
                      last edited by TheWall2

                      This post is deleted!
                      1 Reply Last reply Reply Quote 0
                      • T
                        TheWall2 @stephenw10
                        last edited by TheWall2

                        @stephenw10 That's exactly what I did. Kicksecure is Debian.

                        That should work as long as your choose the same internal network the pfSense LAN NIC is set to. You also need to make sure the pfSense LAN is not using the same subnet as anything else in your network. 192.168.1.X is common.

                        I doesn't work unfortunately. What should I do exactly? Which settings should I change and where? I set the Kicksecure network adapter from NAT to internal, which is the same as pfSense LAN NIC is set to (in pfSense I set 3 network adapters, 1st NAT, 2nd and 3rd internal network).

                        I know it's boring for you, but I'm a newbie and if you don't provide precise instructions I won't be able to solve my issue

                        1 Reply Last reply Reply Quote 0
                        • stephenw10S
                          stephenw10 Netgate Administrator
                          last edited by

                          What exactly doesn't work?

                          Does the Kicksecure VM pull a DHCP lease from pfSense?

                          Can it access the pfSense webgui?

                          T 1 Reply Last reply Reply Quote 0
                          • T
                            TheWall2 @stephenw10
                            last edited by TheWall2

                            @stephenw10 I cannot browse from Kicksecure, tried with 2 browsers. No data. I don't get any error message in pfSense, I can access pfSense admin panel from Kicksecure

                            1 Reply Last reply Reply Quote 0
                            • stephenw10S
                              stephenw10 Netgate Administrator
                              last edited by

                              Ok so it must have a valid IP address in the pfSense LAN subnet.
                              Is that pulling a lease fro pfSense or statically configured in the Kicksecure VM?

                              Are you using the default 192.168.1.1 as the pfSense LAN IP address?

                              T 1 Reply Last reply Reply Quote 0
                              • T
                                TheWall2 @stephenw10
                                last edited by TheWall2

                                @stephenw10 I don't know, I didn't change anything in pfSense panel (which I can access from 192.168.1.1). DHCP is enabled, no static address has been set in Kicksecure. What should I do exactly?

                                1 Reply Last reply Reply Quote 0
                                • stephenw10S
                                  stephenw10 Netgate Administrator
                                  last edited by

                                  In the pfSense webgui go to Status > DHCP Leases. Make sure the Kicksecure VM is shown there and note it's IP address.

                                  Next go to Diag > Ping and try to ping 8.8.8.8.

                                  Then try to ping google.com

                                  If that fails go to Diag > DNS Lookup and try to resolve google.com.

                                  Note the failure message in each case if it does.

                                  T 1 Reply Last reply Reply Quote 0
                                  • T
                                    TheWall2 @stephenw10
                                    last edited by TheWall2

                                    @stephenw10 When launching the pfSense panel for the 1st time, I set Primary DNS Server to 8.8.8.8. and Secondary DNS Server to 8.8.4.4

                                    In "Configure LAN Interface", LAN IP Address is 192.168.1.1 and Subnet Mask is 24.

                                    I went to Status > DHCP Leases, in "Leases" I see an active 192.168.1.100 with its MAC Address (I don't know if it's Kicksecure, anyway Kicksecure is the ONLY operating system installed in my VB). In "Lease Utilization" there's a LAN interface, the Pool start is 192.168.1.10 and the Pool end is 192.168.1.245. The USED value is 1, Capacity is 236.

                                    I pinged 8.8.8.8 and google.com and it worked. However, if I open a new tab in the same browser and enter www.google.com, it doesn't work.

                                    Also, in pfSense webgui main screen I see 2 interfaces: a WAN 1000baseT full duplex (10.0.2.15) and a LAN 1000baseT full duplex (192.168.1.1)

                                    T 1 Reply Last reply Reply Quote 0
                                    • T
                                      TheWall2 @TheWall2
                                      last edited by TheWall2

                                      I also had a look at the command window in pfSense inside VB, there's an error message: arprequest_internal: cannot find matching address

                                      1 Reply Last reply Reply Quote 0
                                      • stephenw10S
                                        stephenw10 Netgate Administrator
                                        last edited by

                                        Ok, that seems good.

                                        Can you ping 8.8.8.8 and/or google.com from Kicksecure?

                                        T 1 Reply Last reply Reply Quote 0
                                        • stephenw10S
                                          stephenw10 Netgate Administrator
                                          last edited by

                                          Does it show the address that is failing in that arp error?

                                          T 1 Reply Last reply Reply Quote 0
                                          • T
                                            TheWall2 @stephenw10
                                            last edited by TheWall2

                                            @stephenw10 No, if I ping them in Kicksecure (same browser used to access pfSense webgui but different tab) it doesn't work, it says it cannot contact google.com server. I've tried also using Tor in Kicksecure, it doesn't resolve any address so it's not a browser-related issue. I also pinged 8.8.8.8. in Kicksecure's terminal window, it didn't work.

                                            In pfSense webgui main window I can see the following DNS servers: 127.0.0.1, 10.0.0.243, 192.168.1.1, 8.8.8.8, 8.8.4.4

                                            Moreover, in the same window the USER is admin@192.168.1.100 (Local Database), so I don't know if 192.168.1.100 is Kicksecure. Anyway, this address is the only one shown in DHCP Leases.

                                            stephenw10S 1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.