ATT Internet AIr
-
@stephenw10
So I guess a VLAN general question
If I try to go through the igb3 interface connection the connection to the switch 192.168.3.100 would not connect at all
The trunk (port 1 of the switch) is connected to the igb3 port of pfsense
The VIP configured in way # 1 doesn’t allow connection at all
The VIP configured in way #2 works it connects. But the connection is so slow it’s almost unusable![alt text]![IMG_0336.jpeg]
(/assets/uploads/files/1733452318123-img_0336.jpeg)
-
@ahole4sure I did not mean for you to set the pfsense interface to static, I meant only the TPLink switch.
The problem you were having before was that the TPLink was "stealing" the IP that was handed out by ATT meant for pfsense. It seems you already had it set as static now.
The other way to secure that pfsense would get the IP, was to enter the pfsense MAC into the ATT interface and set the Passthrough mode to static there. In this context in the ATT modem, static means the IP should only go to one single device (the one defined with the MAC). So even though it seemed like that setting didn't really survive a reboot, it should secure that you get your Public IP via DHCP as desired.So basically the only thing I was thinking you should be testing was to remove this Blocked device, from the ATT settings you did some time earlier (I suppose as a way to make sure the IP was handed out to the right interface).
My thinking was that this strange and continous disconnect and reconnect that the ATT modem is doing, is because you have the MAC of the switch set as Blocked. So the ATT modem blocks it, and then there is no connection and it also no longer see's the MAC so it tries to connect and discovers that MAC again... and then it cycles again....
The way to reach the ATT interface is going to be via the WAN port of pfsense which is back to that discussion above. One way is to set a static route in System > Routing and just have the 192.168.3.100 IP set as going out that gateway.
-
Yup you'd need that VIP on the VLAN not the parent NIC because I think you have removed VLAN1 from the trunk port in the switch? Otherwise it could be on igb3 directly.
So really it depends what VLANs the switch gui is configured to listen on.
-
@Gblenn
I can't thank. oyu enough for continuing to try to help me resolve this issue -- and yes this strange connecting and disconnecting has to have a sourceSome addn't info that I may not have made clear -- I HAVE had the MAC address in the ATT device sice it was discussed before. Of note, if you connect to a different device the MAC address changes so I have had to enter the MAC address (if the device was out of the needed environment) and the apply the change and then disconnect the device. Currently the MAC address appears to be "sticking" and having it there does not seem to help the weird connect/disconnect issue when trying to connect through VLAN and still use DHCP at the pfsense level. (the ATT dhcp has been off as well).
The other reason that kinda made me think the "block device" was not a source of the problem is that it happened on the Linksys switch as well (and that was not the blocked MAC address - the blocked MAC address was form the TP-Link).I can defintely try to unblock the "block" but I don't think it is involved
And @Gblenn and @stephenw10
At this point - having spent tens of hours on this -- I wonder if I should just quit trying to include DHCP into the mix since ATT has given me a ststic IP for now (I was originally trying to future prrof things in case I didn't always have a static and tryign to accept the challenge to "make it work") -
Mmm, if it works reliably with a static configuration I'd go with it. Maybe AT&T don't expect DHCP to work in that setup.
-
@stephenw10 said in ATT Internet AIr:
Mmm, if it works reliably with a static configuration I'd go with it. Maybe AT&T don't expect DHCP to work in that setup.
@ahole4sure Alternatively, change it so you only have VLANs on your LAN (igb1) interface and keep the WAN interfaces clean and directly attached to the ATT modem(s).
-
Hopefully one of you guys are around -- I was still trying to experiment and get an understanding of why things wouldn't work
(also noticed some pretty long reboots - weird behavior)NOW THE BOX IS UNACCESSIBLE
It's been so long since I set it up. I have it out of the rack setup and on the bench. Only one cable connected.to LAN. No access.
It will be a disaster if all my setup is gone (spent hours settting up Wireguard VPN, and even more hours setting up HaProxy stuff) - but I have no backup!! dumb I get it
Whats best way to troubleshoot and hopefully save something
-
@ahole4sure Hmm, try connecting a WAN cable to see if that helps. I'm not sure but I think I have seen that happen when it's disconnected. Also, check your IP settings in the PC you are using. Does it have an IP in the correct subnet?
BTW, I think the long boot time may be due to it waiting to see if WAN is there, so there is a pause in the boot process...
-
-
@Gblenn Was able to get an HDMI connected and here is the error -- looks like a disater
I ordeered a new box on Amazon at 330 amBut if I have lost all my config the I am SUNK
-
@ahole4sure Check if there is something in this thread that can help you?
https://forum.netgate.com/topic/185312/config-xml-empty-subsequent-inability-to-restart-properly-and-what-i-did/2
In particular that he was able to log in via console (SSH?) and replace the empty file with another one. I guess though that if you don't have any backup at all, it will be really tough if it is empty. It is /cf/conf/config.xml that you are looking for.
I "consoled" in and did some snooping.
The error I saw was a PHP stack trace that ultimately pointed at config.xml being empty (pasted after my closing)
I looked and saw that...it was an empty file (zero length)
I found a recent backup that was non-empty (the latest was empty) and copied that into place.
I then rebooted and things returned to normal. -
@Gblenn I guess I don't know how I would console in since it looks like I have no access via the ethernet ports
-
But using a keyboard directly can you bring up the menu? Or just a prompt?
That looks like either filesystem damage or a failed upgrade. Was is hard powered off?
If it's running UFS try running FSCK frm single user mode:
https://docs.netgate.com/pfsense/en/latest/troubleshooting/filesystem-check.html#manual-filesystem-check -
@stephenw10
Did fsck 5 timesHere is the same error after reboot
And yes I am a dumb_ss - I think it might have been hard powered off -- I was distracted with comething else on another screen and I think I held the power button longer than normal
-
What are my options??
Is there anyway to find a config file anywhere in the pfsense OS?
Or do I have to reinstall? Will a re-install possibly find a backup? -
Yes you should be able to access the config file in /cf/conf/config.xml and the previous 30 files in /cf/conf/backup if you can get a command prompt.
You can access it from single user mode but your options for copying it off are limited from there.
If you can get a prompt after allowing it to boot normally you can try to scp it to some other device.
If you have a serial console you can always just copy/paste it directly if required.
You can insert a fat formatted USB stick (or use the fat partition on the installer image) mount that and copy the config file to it.
But, yes, reinstalling should give you the option to recover the config file.
-
@stephenw10
So I have downloaded the pfsense latest version and I am flashing to USB nowRe-install shoul give an option to restore?
And do you agree that is basically my best option now? I don't think I still have the serial cable -- I am using HDMI and a keyboard
-
@ahole4sure And it is not responding if you try to SSH into it?
-
@Gblenn no I cannot get any port to respond to ssh
Am i doing nything wrong -- just connect ethernet to prior LAN port?
It is not allowing any communication that way -
If you're using the Net Installer it shows you the config it has recovered and will use so you can know it worked.
