cannnot get internet access through pfsense after 3 years of no trouble
-
Thanks Stephen forgive me im a novice at this.
it is gving three IP address options Lan, opt1 and opt 2
all with 192.168.1.1(2,3)/24
Should i try pinging all three of those?
Should i try to ping the v4/dhcp4 ip also?
the vpn ip seems to be missing
when i choose those ip s to ping nothing seems to happen
-
Those are the addresses shown above the menu? Like, for example:
*** Welcome to Netgate pfSense Plus 24.11-BETA (arm) on 3100 *** WAN (wan) -> mvneta1.4084 -> LAN (lan) -> mvneta1 -> v4: 192.168.18.1/24 LAGG0 (opt1) -> lagg0 -> v4/DHCP4: 192.168.221.11/24 OPENVPN0 (opt2) -> ovpnc2 ->
And they are in different subnets? So 192.168.1.1/24, 192.168.2.1/24 and 192.168.3.1/24.
If the WAN is DHCPv4 does it have an address?
If it does can you ping 8.8.8.8?
-
yes
the wan DHCPv4 has an address os 192.168.0.2/24
I have pinged the wan address above i think it has given a few new options (i think anyway)
option 2 on list is set interface ip address
one thing i noticed when the vault turned on that it said the update ( what config file i updated with) was made with a newer release than 2.7.0. (2.7.2.) it says to reset to factory default as the vault is not updated to run it or words to that effect.
it says the ping sent three packets, three packets received on 8.8.8.8
0.0% packet loss
-
@shdjshdjshd said in cannnot get internet access through pfsense after 3 years of no trouble:
it says the ping sent three packets, three packets received on 8.8.8.8
OK, that's good.
Try running option 13 and see if it sees the 2.7.52 update.
If it doesn't then use option 8 to drop to the command line and run:
certctl rehash
.Then type exit to get back to the menu and try option 13 again.
-
Okay thanks for that it seems to have updated to the latest version
I have tried to connect via a wifi access point to the vault again but no luck and i cant login via a browser at 192.168.1.1.
any further ideas?
I remember going through and adding a new open vpn certificate for the vpn before it starting this weird behavious, i could log in to the gui before adding that, im guessing there is a conflict with whatever i did and let it stuck at rebooting which lead to all this.
-
This is nothing to do with the VPN.
First try to connect directly to the LAN port, not via wifi.
-
Thanks Stephen no joy unless its something different to typing in 192.168.1.1 in a browser?
Ive plugged in an enthernet cable from the lan port on the firewall to my laptops network port.
Sorry for being such a beginner with all this and i really appreciate you bearing with me!
-
It may not be at that address, it depends what you have the LAN interface configured to be.
That also relies on your laptop having an address in the same subnet. Is it receiving an address from pfSense via DHCP?
-
to be honest with you ive not much knowledge in this area, i was using a config file to just input my vpn details into it. Like i say it was working perfectly until 4 days ago.
Can you recommend a book to read about all this as i am feling pretty lost with it all.
I feel like i need to learn this from the ground up and at least get some basic understanding with it all.
In the meantime maybe i should just reset the vault to factory settings and download the config file? What do you think?
One thing i did notice when the firewall is cycling through the setup screen with just kyboard and monitor connected is that it is asking for my ovpn password, i will try and put something in there that matches the last details i put in before it crashed.
-
@shdjshdjshd said in cannnot get internet access through pfsense after 3 years of no trouble:
that it is asking for my ovpn password,
Ah, that is almost certainly because you created an OpenVPN client config that requires a password and didn't enter one. It should still continue to boot once you enter a password there though.
I assume it did since you're able to reach the console menu which is only shown when bootup completes.
From the console menu you can try using option 15 to roll back the config. List the configs to see if you have one from a suitable date.
-
Thanks I have restored the earliest one i could find before it crashed.
I just need to work out now howto access the control panel on the firewall , struggling to work it out with the ethernet cable option
-
Well if DHCP as enabled on LAN and your laptop is configured to use DHCP then it should just pull a lease in the correct subnet. That is the normal setup and what I would expect you had it set to.
It's also possible the wifi access point was running the dhcp server so you might try through that again.
I would make sure your laptop is setup for dhcp first though.
-
ok i seem to be back in the gui for some reason through the ethernet cable. It seems to have liked it when the firewall was switched into the menu first before attching the cable to my laptop, can now be opened via password on web browser.
I can see i have two vpn clients, maybe that was where the conflict was but i was having no internet before i added the second client.
Any idea how to proceed from here?
on the open vpn client instance statistics page it says
Reconnecting (Could Not Determine Ipv4/ipv6 Protocol)
-
Hmm, there are a whole bunch of things that could be an issue if you're policy routing traffic via OpenVPN.
How did you set it up originally? Did you follow a guide?
The first thing to do here is find the missing password and either enter it in the OpenVPN client config or disable that client.
-
Hi yes its through a intel techniques ( a privacy website ) firewall config file and user guide. I have reinstalled that tonight and can now access 192.168.1.1 wirelessly from my laptop, it doesnt appear to be as seemless as before though.
I have some new ethernet cables on order as in theory everything should work now. I need to plug the firewall into my isp router.
I have re setup my access point and i am connected to that .
Once i use my new cable to my ISP router into the firewalls wan port it "should" work, will report back once those cables arrive.
-
Hi Stephen just wanted to say thanks so much for all your help in this.
I think the thing i got wrong was the server name in pfsense was changed by the vpn provider unawares to me.
New cable arrived today seems to have helped connect to the wan. I disabled all dhcp in my isp router also.
I guess they changed the catch all address i was using to connect to the fastest server and i am now choosing a specific ip address from inside my pf sense console.
Really great software this and i am thankful for not just connecting the vpn app every time again.
Thanks again man
-
No worries, glad you were able to get back up and running.