cannnot get internet access through pfsense after 3 years of no trouble
-
Hi Guys
This is the error i am currently getting , as a beginner i have no idea what to do to remedy this so any help appreciated.
If anyone could guide me what to do i would really apprecaite it.
Thank you
There were error(s) loading the rules: /tmp/rules.debug:58: could not parse host specification - The line in question reads [58]: nat on $WAN inet from 192.168.3.0/24 to any -> wanip/32 port 1024:65535
I am wanting to route traffic through open vpn details and i have inputted these into the appropriate place. I have experience of doing that but nothing else, I use a config file from a privacy provider that has worked for the last 3 years.
The error on the open vpn screen is
Reconnecting (Could Not Determine Ipv4/ipv6 Protocol)
I cannot upgrade pfsense to 2.7.2 (im on 2.7.0. ) as i cant connect to the internet with the firewall (if that is omething to do with it?)
-
Hmm, looks like it's not populating that system alias for some reason.
Is the 192.168.3.0/24 subnet your LAN?
Are you using auto outbound NAT? If not check you don't have a manual rule referencing something that doesn't exist.
However even with no outbound NAT rules loading you should be able to upgrade. pfSense itself does not require NAT.
Since it's stuck on 2.7.0 though you should try running at the CLI:
certctl rehash
Then recheck.Steve
-
Sorry man i dont know how to do any of that just been going through a user guide about downloading a new certificate from my vpn provider, hopefully that works, its just rebooting now.
-
You can still connect to the pfSense webgui?
Can you connect to pfSense via SSH?
-
Hi mate no i cant even get in the control panel now after hours messing with the new certificate inputting all the things i needed to do.
Maybe i should have had a break from it instead of making things worse!
I rebooted it and it just looped around didnt go anywhere so i powered it down as it was stuck for a while.
Could it be the cables going to the internet router from pfsense have failed?
Im going to buy some new ones online.
I still have my isp modem working for now but now cannot access
192.168.1.1. for pfsense
I have no idea whats gone wrong, should i reinstall pfsense from scratch on a bootbale usb?
Im gutted this has happened as it was working seemlessly until yesterday.
Could you give me a bit of insight what the error message means as im not experienced with this software, it has just been working in spight of me all these years
, I just put my open vpn details where they needed to go. -
@shdjshdjshd said in cannnot get internet access through pfsense after 3 years of no trouble:
I rebooted it and it just looped around didnt go anywhere
So you are connected at the console and can see it stuck in a boot loop?
Can you see at what point it reboots?
-
I could last night but i got impatient and shut it down after about ten minutes as it wasnt goign anywhere.
Now i cant access it at all, i have a wifi access point attached to my firewall (pfsense) and it still says secured but no internet, looks like im stuffed.
I can access the logs from my isp router, dont know if they will help though
-
So you can't connect to the physical console on the firewall?
If there's no output there then you could be looking at a hardware failure.
-
Cannot access it, it says secured but no internet on the clickable drop down for internet options
I suppose i will reset my firewall on its reset button to see if it revives, If it does happy days nad i will have to go through the manual installation again
-
Right but the physical console doesn't require any external access.
To be clear I'm talking about either a keyboard and monitor or a serial terminal connected directly to the firewall.
What hardware are you using?
-
i am using a protectli vault
i have managed to connect to the firewall itself with a monitor and keyboard just going to see if i can get back to the gui on 192.168.1.1. in a moment
It is at least outputting that pfsense is still on the firewall so maybenthats good dont know yet.
It did some loading on the drive when i connected the monitor any ideas what to do now?
Its given me page of options from 0-16
-
Ok so it's booting to the console menu. That's good that implies it's booting fully.
So above the console menu it should show the interface IP addresses and subnets. Check those are correct.
Try to ping something using menu option 7. Can you pings anything internal? Anything external?
-
Thanks Stephen forgive me im a novice at this.
it is gving three IP address options Lan, opt1 and opt 2
all with 192.168.1.1(2,3)/24
Should i try pinging all three of those?
Should i try to ping the v4/dhcp4 ip also?
the vpn ip seems to be missing
when i choose those ip s to ping nothing seems to happen
-
Those are the addresses shown above the menu? Like, for example:
*** Welcome to Netgate pfSense Plus 24.11-BETA (arm) on 3100 *** WAN (wan) -> mvneta1.4084 -> LAN (lan) -> mvneta1 -> v4: 192.168.18.1/24 LAGG0 (opt1) -> lagg0 -> v4/DHCP4: 192.168.221.11/24 OPENVPN0 (opt2) -> ovpnc2 ->And they are in different subnets? So 192.168.1.1/24, 192.168.2.1/24 and 192.168.3.1/24.
If the WAN is DHCPv4 does it have an address?
If it does can you ping 8.8.8.8?
-
yes
the wan DHCPv4 has an address os 192.168.0.2/24
I have pinged the wan address above i think it has given a few new options (i think anyway)
option 2 on list is set interface ip address
one thing i noticed when the vault turned on that it said the update ( what config file i updated with) was made with a newer release than 2.7.0. (2.7.2.) it says to reset to factory default as the vault is not updated to run it or words to that effect.
it says the ping sent three packets, three packets received on 8.8.8.8
0.0% packet loss
-
@shdjshdjshd said in cannnot get internet access through pfsense after 3 years of no trouble:
it says the ping sent three packets, three packets received on 8.8.8.8
OK, that's good.
Try running option 13 and see if it sees the 2.7.52 update.
If it doesn't then use option 8 to drop to the command line and run:
certctl rehash.Then type exit to get back to the menu and try option 13 again.
-
Okay thanks for that it seems to have updated to the latest version
I have tried to connect via a wifi access point to the vault again but no luck and i cant login via a browser at 192.168.1.1.
any further ideas?
I remember going through and adding a new open vpn certificate for the vpn before it starting this weird behavious, i could log in to the gui before adding that, im guessing there is a conflict with whatever i did and let it stuck at rebooting which lead to all this.
-
This is nothing to do with the VPN.
First try to connect directly to the LAN port, not via wifi.
-
Thanks Stephen no joy unless its something different to typing in 192.168.1.1 in a browser?
Ive plugged in an enthernet cable from the lan port on the firewall to my laptops network port.
Sorry for being such a beginner with all this and i really appreciate you bearing with me!
-
It may not be at that address, it depends what you have the LAN interface configured to be.
That also relies on your laptop having an address in the same subnet. Is it receiving an address from pfSense via DHCP?
