pfSense brings down whole network under special circumstances

  • Hi @all

    We replaced a Cisco PIX 506 with a wrap and pfsense 1.0.1. It has a very simple setup: nat, dhcp on lan, wan connected to official net.

    All went fine until I needed an official IP and moved my notebook from lan to wan: all connections via pfsense were broken AND other gateways (iptables) in our network stopped forwarding  :o  When the notebook was moved back into the lan all was fine again.

    I tried this with different OSs (Linux/WinXP), but nothing changes. Next I spoofed the mac of the notebook, put it into the lan, then into the wan: nothing bad happened  ???

    Next we took another notebook, spoofed its mac to the address of my notebook and tested again. All connections broke away.

    This morning we replaced the wrap with the old PIX and all is fine again - moving from lan to wan does not have any special effects.

    So there must be something going wild with pfsense and the mac address of my laptop. Any ideas what is going wrong here?


  • Sounds like some conflicts at layer2 (MAC) or layer3 (IP). Really hard to say but I doubt that it has something to do with pfSense.

  • Is your building built over an Indian cemetery?

  • @Juve:

    Is your building built over an Indian cemetery?  ;)

    Some voodoo helped to solve the problem… someone (me?) clicked on "copy mac" in the config screen of the wan interface  ???

    Found it by grepping for spoof in the directory with the backup of the config file.

    Sorry for wasting your time.


  • :) This is called not-enough-coffee syndrome. I never mess with configs until the coffee pot is half empty. Hope this helps some other noble fool who dares try to configure things when they're not 'alert'.. heh..
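The cause found in this thread was a MAC address copied into the WAN interface settings, located by grepping the config backups for "spoof". As an added example (not part of the thread and not pfSense code), the Python below does that check on a config backup and flags any interface whose spoofed MAC also belongs to a known host. It assumes the backup stores the value as `<spoofmac>` under `<interfaces>` and DHCP static mappings as `<staticmap><mac>` under `<dhcpd>`; the sample config and all addresses in it are constructed.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample backup; element layout is an assumption (see lead-in).
SAMPLE_CONFIG = """<pfsense>
  <interfaces>
    <lan><if>sis0</if><ipaddr>192.168.1.1</ipaddr></lan>
    <wan><if>sis1</if><ipaddr>dhcp</ipaddr><spoofmac>00:0D:B9:AA:BB:CC</spoofmac></wan>
  </interfaces>
  <dhcpd><lan>
    <staticmap><mac>00-0d-b9-aa-bb-cc</mac><ipaddr>192.168.1.50</ipaddr></staticmap>
    <staticmap><mac>00:0d:b9:11:22:33</mac><ipaddr>192.168.1.51</ipaddr></staticmap>
  </lan></dhcpd>
</pfsense>"""

def norm_mac(mac):
    """Return the MAC as lowercase colon-separated hex, or None if it is not 12 hex digits."""
    digits = re.sub(r"[^0-9a-fA-F]", "", mac or "").lower()
    if len(digits) != 12:
        return None
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def spoofed_macs(xml_text):
    """Map interface name -> spoofed MAC for every interface that overrides its MAC."""
    root = ET.fromstring(xml_text)
    found = {}
    for iface in root.findall("./interfaces/*"):
        mac = norm_mac(iface.findtext("spoofmac"))
        if mac:
            found[iface.tag] = mac
    return found

def known_host_macs(xml_text):
    """Map MAC -> IP for hosts listed as DHCP static mappings in the same config."""
    root = ET.fromstring(xml_text)
    hosts = {}
    for entry in root.findall("./dhcpd/*/staticmap"):
        mac = norm_mac(entry.findtext("mac"))
        if mac:
            hosts[mac] = entry.findtext("ipaddr") or "unknown"
    return hosts

def mac_conflicts(xml_text, observed_macs=()):
    """List (interface, mac, owner) where a spoofed MAC duplicates a known host's MAC."""
    hosts = known_host_macs(xml_text)
    for mac in observed_macs:  # e.g. addresses copied from an ARP table
        if norm_mac(mac):
            hosts.setdefault(norm_mac(mac), "observed")
    spoofed = sorted(spoofed_macs(xml_text).items())
    return [(iface, mac, hosts[mac]) for iface, mac in spoofed if mac in hosts]

if __name__ == "__main__":
    for iface, mac, owner in mac_conflicts(SAMPLE_CONFIG):
        print(f"{iface}: spoofed MAC {mac} duplicates host {owner}")
```

Any interface reported by `spoofed_macs` is worth a second look even without a conflict, since an unintended override only causes trouble once the original owner of that address appears on the same segment.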

