No DNS on console, but DNS forwarder is working
I'm running 1.2.3-Release with 5 NICs. DHCP and DNS Forwarding are enabled and working fine (except that I had to enter DNS addresses in the DHCP setup before DNS Forwarding worked).
The problem is that I have no name resolution from the console (e.g. "www.ibm.com" cannot be resolved). What's more, I cannot ping my default gateway from the console, but I can from ANY other computer on any of the other 4 subnets.
The WAN subnet is 22.214.171.124/25 - the default gateway (router ip) is 126.96.36.199 and the WAN interface is 188.8.131.52.
My General Setup DNS entries are 184.108.40.206 and 220.127.116.11.
Any help would be greatly appreciated!!!!
wallabybob last edited by
I cannot ping my default gateway from the console
ping by name? ping by IP address? What failure explanation is offered?
At the shell prompt on the pfSense console (or ssh session) please type
The output will show the name server used in the attempt to resolve www.ibm.com. If it's not one of the name servers you configured I suggest you review your configuration looking into how that name server got to be used and if you can't find that name server specified, reboot and try again and report what happens. (Perhaps when you adjusted the name servers the GUI didn't quite do everything to supersede the previously specified servers.)
Following is the result from pinging my gateway IP address of 18.104.22.168 from the console or from the GUI WAN interface:
PING 22.214.171.124 (126.96.36.199) from 188.8.131.52: 56 data bytes
--- 184.108.40.206 ping statistics ---
3 packets transmitted, 0 packets received, 100.0% packet loss
However, I can ping the gateway address successfully from any other computer on any of the 4 internal networks, and from the GUI from any of the other 4 networks, with the following result:
PING 220.127.116.11 (18.104.22.168) from 192.168.40.1: 56 data bytes
64 bytes from 22.214.171.124: icmp_seq=0 ttl=255 time=0.947 ms
64 bytes from 126.96.36.199: icmp_seq=1 ttl=255 time=0.827 ms
64 bytes from 188.8.131.52: icmp_seq=2 ttl=255 time=0.850 ms
--- 184.108.40.206 ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.827/0.875/0.947/0.052 ms
Following are the contents of /etc/resolv.conf:
I have CRAWLED through the configuration OVER and OVER. I've had another very experienced pfSense user review it extensively. I've rebooted the server, all to no avail.
Please let me know whatever info you need...I'll gladly provide it. It's been two VERY long days...see you tomorrow.
wallabybob last edited by
I'd run a packet trace on your WAN interface while you have a ping of the WAN gateway going. The trace should show outgoing frames queued to the driver (but not necessarily transmitted) and incoming frames before firewall rules are applied. If you see incoming ping responses then I would look at firewall log and firewall rules to see if the ping responses are being blocked. If you see no incoming ping responses I'd try to enlist the help of the administrator of the upstream gateway to see if they can provide an explanation for the lack of ping response.
Does your pfSense box do NAT?
Is there any possibility of multiple systems with the same IP address on the WAN subnet?
YOU DID IT!!!
I had never configured a NAT rule, so I never checked them. However, it appears that the firewall had configured a NAT rule for external management. I deleted that rule, and IT WORKS!!!!
Thanks for taking the time and expending your neurons to help me.
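Added example, not part of the thread: a small shell helper that applies the packet-trace triage from wallabybob's reply to the text output of `tcpdump -n` on the WAN interface. The function name and the 192.0.2.x / 198.51.100.x addresses are constructed for illustration, and the `SOURCE_NOT_WAN` verdict goes slightly beyond the post by tying in the NAT question.

```shell
#!/bin/sh
# Input: text from something like `tcpdump -n -i <wan_if> icmp`, captured
# while a ping of the WAN gateway is running (<wan_if> is a placeholder).

# triage_ping_trace WAN_IP GATEWAY_IP   (reads tcpdump text on stdin)
triage_ping_trace() {
    awk -v wan="$1" -v gw="$2" '
        # "<time> IP <src> > <dst>: ICMP echo request, id N, seq N, length N"
        $2 == "IP" && $4 == ">" && /ICMP echo (request|reply)/ {
            src = $3; dst = $5; sub(/:$/, "", dst)
            if (/echo request/ && dst == gw) {
                if (src == wan) req++; else other++   # other: source is not the WAN address
            } else if (/echo reply/ && src == gw && dst == wan) rep++
        }
        END {
            if (rep > 0)        v = "REPLIES_ARRIVE"   # next: firewall log and rules
            else if (req > 0)   v = "NO_REPLIES"       # next: upstream admin, duplicate IP
            else if (other > 0) v = "SOURCE_NOT_WAN"   # next: review NAT rules
            else                v = "NO_REQUESTS"      # ping never reached the WAN interface
            printf "%s req=%d rep=%d other_src=%d\n", v, req, rep, other
        }'
}

# Constructed sample captures (not taken from the thread).
SAMPLE_NO_REPLY='12:00:01.000100 IP 192.0.2.2 > 192.0.2.1: ICMP echo request, id 4660, seq 0, length 64
12:00:02.000300 IP 192.0.2.2 > 192.0.2.1: ICMP echo request, id 4660, seq 1, length 64'

SAMPLE_REPLIES='12:00:01.000100 IP 192.0.2.2 > 192.0.2.1: ICMP echo request, id 4660, seq 0, length 64
12:00:01.001000 IP 192.0.2.1 > 192.0.2.2: ICMP echo reply, id 4660, seq 0, length 64'

SAMPLE_OTHER_SRC='12:00:01.000100 IP 198.51.100.7 > 192.0.2.1: ICMP echo request, id 4660, seq 0, length 64'

for s in "$SAMPLE_NO_REPLY" "$SAMPLE_REPLIES" "$SAMPLE_OTHER_SRC"; do
    printf '%s\n' "$s" | triage_ping_trace 192.0.2.2 192.0.2.1
done
```
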