WAN2 will not connect
-
I have a Netgate 2100 with a normal broadband internet connection.
I want to use my Three 5G router as a backup WAN connection.
So I added a new interface called WAN2 and selected the LAN1 network port.
Its configured with a static IP of 192.168.0.1/24I then created a new IP4 Upsteam gateway with an IP of 192.168.0.2, editing the monitoring IP to be 8.8.4.4
At this point, I expected that the gateway would show itself as online, but its offline.
I have tested 192.168.0.2 using a laptop and it works fine, so I must be missing something in my config.
-
@MartynK said in WAN2 will not connect:
Its configured with a static IP of 192.168.0.1/24
and you've created and set a "IPv4 Upstream gateway" (= 1292.168.0.2) ?
@MartynK said in WAN2 will not connect:
I have tested 192.168.0.2 using a laptop and it works fine
So the GUI (?) of the "Three 5G router" can be accessed with http(s)://192.168.0.2 ?
Can you ping 192.168.0.2 ?@MartynK said in WAN2 will not connect:
At this point, I expected that the gateway would show itself as online, but its offline.
It will me indicated as 'Online' if ICMP (ping packet send out over that WAN2 interface reach the destination (8.8.4.4) and the 8.8.4.4 cam back.
For this to happen, the "Three 5G router" should be connected to the 5G, the IPv4 link must be 'UP', etc.
Tip : temporary set the monitor IP to 192.168.0.2 - the upstream, WAN2 connected router.
If 192.168.0.2 replies to ping, the WAN2 will be shown as up.
And you get it : this doesn't say much about the fact if the link is actually working. -
@Gertjan Yes the static IP is 192.168.0.1/24 and the IP of the upstream gateway is 192.168.0.2
When I plug the router in to a laptop, yes, I can ping the router and access the internet, hence I am saying that 192.168.0.2 is working.
The link for LAN1 is showing as up (a green arrow).
Changing the monitor IP to the gateway IP has no effect, the gateway is still showing as down.
-
@MartynK said in WAN2 will not connect:
When I plug the router in to a laptop, yes,
That laptop, at that moment, was it set to DHCP or did you force a static IPv4 (and gateway and DSNS = 192.168.0.2) ?
@MartynK said in WAN2 will not connect:
The link for LAN1 is ...
The pfSense LAN1 ? That's not related, the pfSense LAN is, up as soon as you hook up a switch or another wired device.
I do presume your LAN has a static setup (like the default 192.168.1.1) and that the pfSense LAN has DHCP server v4 activated. The devices connected to pfSense LAN, direcly or via a switch, should use DHCP, so they can obtain an Ipv4 lease out of the pfSense DHCPv4 pool. If your laptop was still locked into 192.168.0.1 then it's totally normal that "nothing works".
If possible, set up (keep ? - as I really presume that DHCP server is there by default) on your "Three 5G router" the DHCPv4 server (on it's "LAN").
Set the LAN IP of this device to "192.168.0.1".
From now on, you can select for your pfSense WAN2 interface : "DHCP" as the connection method, and your done. pfSense will receive an IPv4 on the WAN2 interface something between 192.168.0.2 and 192.168.0.x (from the "DHCP server pool from the "Three 5G router"). -
@Gertjan When testing with the laptop, I unplugged the Three broadband from Netgate and plugged it directly in to the laptops network port.
When I am saying LAN1, this is the port I have selected to use as WAN2
Network devices are connected to LAN2 via a switch and LAN2 is running DHCP with a gateway IP of 192.168.100.1, so the network is working fine and the internet is accessible via WAN
Its just WAN2 that I am missing something.
-
The pfSense WAN2 (you've called it LAN1) : can you set to :
and then connect it (pfSense WAN2) to the to "Three 5G router" LAN port, and then check here :
said in WAN2 will not connect:
That laptop, at that moment, was it set to DHCP or did you force a static IPv4 (and gateway and DSNS = 192.168.0.2) ?
?
-
@Gertjan I have not called in LAN1, I have pluged the cable in to LAN1 and then using that as WAN2
And this is the current status.
-
And then this is what I get for the gateway
where 192.168.0.2 is the IP address of the Three %G Modem.
-
@MartynK can you put your modem in bridge mode and just let the wan2 of the PFsense get the address? You would have to put it in DHCP. Works for me with my Netgear modem..
-
@chpalmer OK, I have just changed the router to what it calls IP Passthrough which is where the public IP is passed through to pfSense.
Looking at the WAN gateway I can see that the "Gateway" is defined as "dynamic".
So I have tried this on WAN2, but it does nothing, the gateway is still showing as offline.
The physical cable from the 5G router is plugged in to LAN1 on the router and I configured the WAN2 assignment to use port LAN1
I just dont know what else to try.
-
So deleting the gateway and recreating it I have managed to get it online,
But its not showing the public IP like WAN does and I think the monitoring test is going via the WAN instead of WAN2
-
@MartynK It will show what you have in there for monitoring.
Not knowing who your carrier is I can only guess that you are behind CGNAT. But I could be wrong.
Mine is Verizon and I get addresses in the 100.x.x.x range. My gateway right now for my WAN 2 is 100.84.82.1 which is apparently very close as that gateway reports 1.1ms latency. My WAN 2 address is 100.84.82.61. You will not be able to ping it from outside so I do not care that anyone knows it. Changes quite often anyways. BTW- Look up the MTU for your carrier.. Verizon should be set for 1400 according to what Ive researched.
Since WAN2 for me is always secondary I do not care that it might be pinging something local. I have come back later when I did ping one of the routers in my traceroute to find that it no longer responded even though the modem was still online.
This is my gateway.. It was at one time a WAN 3 here so the name cannot be changed unless I start over with it which I haven't done. But ignore that.
p.s. you should still be able to reach your modem by its LAN address as well.. Mine is 192.168.5.1 and I look at it fairly often to check its signal strength.
-
Another way to check outside connectivity: With the 5G modem connected to pfSense, if you go to Diagnostics / Ping and select WAN2 as source address, are you able to reach (ping) outside websites? If you are able to ping websites, but the Gateway is still showing as offline (when you are using an outside monitoring IP such as 8.8.4.4), you may need to adjust the
Data Payloadparameter for dpinger from the default 1 to a larger value in the WAN2 gateway's advanced settings under System / Routing / Gateways.https://docs.netgate.com/pfsense/en/latest/routing/gateway-configure.html#advanced-gateway-settings
Hope this helps.
