Cannot connect to pfsense or get it to pass traffic through to ADSL router



  • Ok I've just about given up…

    I'm not too sure where to start but here goes,

    Specs,
    ASUS P5q-em 2.13 C2D chip, 2 gig of ram, IGD Graphics card... This box is more of a proof of concept until I get a d510 or equiv.
    Current pfSense version dump is:

    2.0-BETA1
    built on Thu Apr 8 15:45:46 EDT 2010
    FreeBSD pfsense.home.com 8.0-STABLE FreeBSD 8.0-STABLE #0: Thu Apr 8 15:43:59 EDT 2010 ermal@FreeBSD_8.0_pfSense_2.0-snaps.pfsense.org:/usr/obj.pfSense/usr/pfSensesrc/src/sys/pfSense_SMP.8 i386

    Yes, I know it's beta, but I've had exactly the same problem with 1.2.3, so I hope it's my configuration/understanding problem.

    I've gone ahead and tried all sorts of configurations, including of course the default setup. I've read the install guides, both on pfSense and from other blogs, and done this on both stable and beta versions.

    The networking setup is:-

    -LAN internal NIC (Realtek) gig E full duplex connecting into an 18-month-old Apple Extreme wireless AP that has 5 gig E ports. IP address is 192.168.1.1 /24

    -WAN is currently 192.168.1.8 /24 via a PCI 3Com NIC 10/100 3c905 card (afaicr)

    • Default gateway was changed to 192.168.1.4 /24 (due to IP conflict)

    • Op1 not used (no port either!)

    I've tried the route of hardware issues and indeed found that the previous 3com PCI NIC was corrupting 80% of the frames so that got biffed and another one that I tested before, got used and is working fine as is the internal.....

    I'm more looking for the traffic analysis portion of pfSense/BSD via packages at some point in the future... now all I'd like to do is to be able to connect to the box after setup and use the basic functionality.

    so diag... hope this formats ok.

    INTERNET-ADSL--ROUTER(.4)--100MEG FD---3COM nic(.8) pc REALTEK nic(.1)---1000MEG FD---APPLE(.101)---LAN etc...

    I've gone through and disabled the FW on pfSense after allowing all traffic through from both sides,
    then tried to get traffic through/to the box after configuring some VLANs... no luck there!

    Symptoms... Once the pfSense box is configured as per the above I cannot reach it. I've tried setting my DG to the pfSense box IP (.1) but no luck there... but this should not make any difference as this is still in the broadcast domain for this subnet.

    I should at least be able to connect to the web configurator page and then work out how to get it to PASS traffic onto the router, but it won't connect.

    I've tried bridging the connection but I think this is NOT what I want to do... unless someone could please enlighten me as to the reasons for going with transparent firewalling. :-[ Bridging seemed to work, in that it passed traffic and I was able to connect to it.

    So I'm completely stumped at the moment and was loath to bother people with some help, but I just can't figure what on God's green earth is going on here... I hope and suspect that I'm lost in the woods and can't see the wood for the trees.

    Any insights would be muchly appreciated....

    confused...Piers



  • You have on LAN and WAN the same subnet.



  • @plehmann:

    The networking setup is:-

    -LAN internal NIC (Realtek) gig E full duplex connecting into an 18-month-old Apple Extreme wireless AP that has 5 gig E ports. IP address is 192.168.1.1 /24

    -WAN is currently 192.168.1.8 /24 via a PCI 3Com NIC 10/100 3c905 card (afaicr)

    • Default gateway was changed to 192.168.1.4 /24 (due to IP conflict)

    • Op1 not used (no port either!)

    You have an illegal configuration. If you are routing between WAN and LAN then the WAN and LAN interfaces need to belong to different subnets. For example, you could change the lan interface to have IP address 192.168.11.1/24.

    INTERNET-ADSL--ROUTER(.4)--100MEG FD---3COM nic(.8) pc REALTEK nic(.1)---1000MEG FD---APPLE(.101)---LAN etc...

    I've gone through and disabled the FW on pfSense after allowing all traffic through from both sides,
    then tried to get traffic through/to the box after configuring some VLANs... no luck there!

    Not clear why you would use VLANs so I suggest you not use VLANs until you get your basic configuration sorted out.

    Symptoms... Once the pfSense box is configured as per the above I cannot reach it. I've tried setting my DG to the pfSense box IP (.1) but no luck there... but this should not make any difference as this is still in the broadcast domain for this subnet.

    Depends on whether you are trying to connect to pfSense by hostname or by IP address.

    Here's what I'd do:

    1. Configure the Apple to have static IP address 192.168.x.101/24 and default gateway 192.168.x.1 (x not equal to 1)

    2. From the pfSense console select option 2 to change LAN IP address to 192.168.x.1/24

    3. From the Apple point a web browser to http://192.168.x.1, login on pfSense and proceed to configure DHCP etc.

    4. Change the Apple to get IP address by DHCP (if applicable).

    If you really want to use 192.168.1.0/24 as your LAN subnet you will need to tweak your WAN interface and ADSL router.

    I have assumed your physical connectivity is OK.
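
Added example (not part of the thread and not pfSense code): a small Python check for the fault diagnosed above, two routed interfaces whose connected networks overlap, plus a default gateway that is ambiguous between them. The interface names, the `INTERFACES` table and the function names are assumptions built from the addresses quoted in the thread.

```python
import ipaddress
from itertools import combinations

# Constructed from the addresses quoted in the thread (not a pfSense config export).
INTERFACES = {"WAN": "192.168.1.8/24", "LAN": "192.168.1.1/24"}
WAN_GATEWAY = "192.168.1.4"  # the ADSL router


def find_overlaps(interfaces):
    """Return (name_a, name_b, network) for each pair of routed interfaces
    whose connected networks overlap; network is the wider of the two."""
    nets = {n: ipaddress.ip_interface(a).network for n, a in interfaces.items()}
    hits = []
    for a, b in combinations(sorted(nets), 2):
        if nets[a].overlaps(nets[b]):
            wider = nets[a] if nets[a].prefixlen <= nets[b].prefixlen else nets[b]
            hits.append((a, b, str(wider)))
    return hits


def gateway_ok(interfaces, wan_name, gateway):
    """The default gateway must be on-link for the WAN interface and no other."""
    gw = ipaddress.ip_address(gateway)
    on_link = [n for n, a in interfaces.items()
               if gw in ipaddress.ip_interface(a).network]
    return on_link == [wan_name]


def suggest_lan(interfaces, lan_name, pool="192.168.0.0/16"):
    """First subnet in pool (same prefix length as the LAN) that overlaps no
    other interface, keeping the LAN host part (the 192.168.x.1 advice)."""
    lan = ipaddress.ip_interface(interfaces[lan_name])
    host = int(lan.ip) & int(lan.network.hostmask)
    others = [ipaddress.ip_interface(a).network
              for n, a in interfaces.items() if n != lan_name]
    for cand in ipaddress.ip_network(pool).subnets(new_prefix=lan.network.prefixlen):
        if not any(cand.overlaps(o) for o in others):
            return f"{cand.network_address + host}/{cand.prefixlen}"
    return None  # pool exhausted


if __name__ == "__main__":
    for a, b, net in find_overlaps(INTERFACES):
        print(f"{a} and {b} are both in {net}: routing between them cannot work")
    print("gateway unambiguous:", gateway_ok(INTERFACES, "WAN", WAN_GATEWAY))
    print("suggested LAN address:", suggest_lan(INTERFACES, "LAN"))
```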



  • Much thanks to those that responded… Changed the networks and of course the routing now just works.. sigh..the bridging bit should have given me a hint...
    now time to play with the new setup :D
    Strange that even with moderate loading (50% of a 6meg DSL line) the CPU... Core 2 Duo 2.13Gig shows 56% utilization... :O guess this is either an error in reporting or a function of beta software... time to head over to the 2.0 forum

    thanks again guys for the help I shall now be able to retain the small amount of hair left  :D
    Piers

