Major, major cock-up
-
Hello all - me again (sorry!),
I'm quickly learning pfSense and it's working - or it was!!
The situation is that pfSense will be 'managing' a vLan situation (where all vLans are totally separate from each other and cannot talk - except for the phone vLan which everyone can talk to). I hadn't done the firewall rules to allow this yet, but I had got it DHCPing the vLans correctly.
Trouble is that now I can't get a WAN (internet) connection from any of the vLans (or even the LAN itself - no switch, straight into the pfSense box). I know that the modem/router is working fine (I'm using it now) and from pfSense I can ping addresses. It was working fine (not sure how/when it stopped).
Can somebody tell me where I've gone wrong??? My guess is that it is to do with the gateway settings - but I've tried a few bits (all without luck).
Just for info,
The pfSense box is currently DHCPed on the WAN side to 192.168.1.17
The vLans exist as 10.1.0.100-199, 10.2.0.100-199, all the way up to 10.64.0.100-199
I've tried gateway entries of 'dynamic', 10.3.0.1 (I was testing on vLan 3), 10.1.0.1 (still on vLan 3), 192.168.1.17
I'm supposed to make this live tomorrow at the latest (should have been earlier this week). I've also got to play around with dedicated public IP addresses for each vLan (currently on a different connection without the batch of IP addresses).
-
The pfSense box is currently DHCPed on the WAN side to 192.168.1.17
One possible remedy:
Go to pfsense -> Interfaces -> WAN and uncheck the "Block private networks" checkbox, if it is checked.
-
Thanks - but, just tried it and nothing.
I've just realised that my dhcped address is showing with 2 gateways 10.1.0.1 & 10.3.0.1 - that shouldn't be the problem, should it?
-
Well, I don't know what caused it, but I've semi rescued things - I've managed to restore a backup of an earlier stage.
Still got a number of things to do - or redo!! So that teaches me the lesson of ALWAYS TAKE REGULAR BACKUPS!!! I used to (enough that I annoyed people by constantly doing it), but I've slacked a bit!
-
To help anyone else who has this problem, I think it was down to the firewall rules somehow going. I might have somehow deleted them when I was editing the config file.