cannnot get internet access through pfsense after 3 years of no trouble
-
Sorry man i dont know how to do any of that just been going through a user guide about downloading a new certificate from my vpn provider, hopefully that works, its just rebooting now.
-
You can still connect to the pfSense webgui?
Can you connect to pfSense via SSH?
-
Hi mate no i cant even get in the control panel now after hours messing with the new certificate inputting all the things i needed to do.
Maybe i should have had a break from it instead of making things worse!
I rebooted it and it just looped around didnt go anywhere so i powered it down as it was stuck for a while.
Could it be the cables going to the internet router from pfsense have failed?
Im going to buy some new ones online.
I still have my isp modem working for now but now cannot access
192.168.1.1. for pfsense
I have no idea whats gone wrong, should i reinstall pfsense from scratch on a bootbale usb?
Im gutted this has happened as it was working seemlessly until yesterday.
Could you give me a bit of insight what the error message means as im not experienced with this software, it has just been working in spight of me all these years , I just put my open vpn details where they needed to go.
-
@shdjshdjshd said in cannnot get internet access through pfsense after 3 years of no trouble:
I rebooted it and it just looped around didnt go anywhere
So you are connected at the console and can see it stuck in a boot loop?
Can you see at what point it reboots?
-
I could last night but i got impatient and shut it down after about ten minutes as it wasnt goign anywhere.
Now i cant access it at all, i have a wifi access point attached to my firewall (pfsense) and it still says secured but no internet, looks like im stuffed.
I can access the logs from my isp router, dont know if they will help though
-
So you can't connect to the physical console on the firewall?
If there's no output there then you could be looking at a hardware failure.
-
Cannot access it, it says secured but no internet on the clickable drop down for internet options
I suppose i will reset my firewall on its reset button to see if it revives, If it does happy days nad i will have to go through the manual installation again
-
Right but the physical console doesn't require any external access.
To be clear I'm talking about either a keyboard and monitor or a serial terminal connected directly to the firewall.
What hardware are you using?
-
i am using a protectli vault
i have managed to connect to the firewall itself with a monitor and keyboard just going to see if i can get back to the gui on 192.168.1.1. in a moment
It is at least outputting that pfsense is still on the firewall so maybenthats good dont know yet.
It did some loading on the drive when i connected the monitor any ideas what to do now?
Its given me page of options from 0-16
-
Ok so it's booting to the console menu. That's good that implies it's booting fully.
So above the console menu it should show the interface IP addresses and subnets. Check those are correct.
Try to ping something using menu option 7. Can you pings anything internal? Anything external?
-
Thanks Stephen forgive me im a novice at this.
it is gving three IP address options Lan, opt1 and opt 2
all with 192.168.1.1(2,3)/24
Should i try pinging all three of those?
Should i try to ping the v4/dhcp4 ip also?
the vpn ip seems to be missing
when i choose those ip s to ping nothing seems to happen
-
Those are the addresses shown above the menu? Like, for example:
*** Welcome to Netgate pfSense Plus 24.11-BETA (arm) on 3100 *** WAN (wan) -> mvneta1.4084 -> LAN (lan) -> mvneta1 -> v4: 192.168.18.1/24 LAGG0 (opt1) -> lagg0 -> v4/DHCP4: 192.168.221.11/24 OPENVPN0 (opt2) -> ovpnc2 ->
And they are in different subnets? So 192.168.1.1/24, 192.168.2.1/24 and 192.168.3.1/24.
If the WAN is DHCPv4 does it have an address?
If it does can you ping 8.8.8.8?
-
yes
the wan DHCPv4 has an address os 192.168.0.2/24
I have pinged the wan address above i think it has given a few new options (i think anyway)
option 2 on list is set interface ip address
one thing i noticed when the vault turned on that it said the update ( what config file i updated with) was made with a newer release than 2.7.0. (2.7.2.) it says to reset to factory default as the vault is not updated to run it or words to that effect.
it says the ping sent three packets, three packets received on 8.8.8.8
0.0% packet loss
-
@shdjshdjshd said in cannnot get internet access through pfsense after 3 years of no trouble:
it says the ping sent three packets, three packets received on 8.8.8.8
OK, that's good.
Try running option 13 and see if it sees the 2.7.52 update.
If it doesn't then use option 8 to drop to the command line and run:
certctl rehash
.Then type exit to get back to the menu and try option 13 again.
-
Okay thanks for that it seems to have updated to the latest version
I have tried to connect via a wifi access point to the vault again but no luck and i cant login via a browser at 192.168.1.1.
any further ideas?
I remember going through and adding a new open vpn certificate for the vpn before it starting this weird behavious, i could log in to the gui before adding that, im guessing there is a conflict with whatever i did and let it stuck at rebooting which lead to all this.
-
This is nothing to do with the VPN.
First try to connect directly to the LAN port, not via wifi.
-
Thanks Stephen no joy unless its something different to typing in 192.168.1.1 in a browser?
Ive plugged in an enthernet cable from the lan port on the firewall to my laptops network port.
Sorry for being such a beginner with all this and i really appreciate you bearing with me!
-
It may not be at that address, it depends what you have the LAN interface configured to be.
That also relies on your laptop having an address in the same subnet. Is it receiving an address from pfSense via DHCP?
-
to be honest with you ive not much knowledge in this area, i was using a config file to just input my vpn details into it. Like i say it was working perfectly until 4 days ago.
Can you recommend a book to read about all this as i am feling pretty lost with it all.
I feel like i need to learn this from the ground up and at least get some basic understanding with it all.
In the meantime maybe i should just reset the vault to factory settings and download the config file? What do you think?
One thing i did notice when the firewall is cycling through the setup screen with just kyboard and monitor connected is that it is asking for my ovpn password, i will try and put something in there that matches the last details i put in before it crashed.
-
@shdjshdjshd said in cannnot get internet access through pfsense after 3 years of no trouble:
that it is asking for my ovpn password,
Ah, that is almost certainly because you created an OpenVPN client config that requires a password and didn't enter one. It should still continue to boot once you enter a password there though.
I assume it did since you're able to reach the console menu which is only shown when bootup completes.
From the console menu you can try using option 15 to roll back the config. List the configs to see if you have one from a suitable date.