New install. Transparrent mode. No Interent access



  • I've built a new box from the LiveCD with HDD installation onto a two NIC system following the guild at http://pfsense.trendchiller.com/transparent_firewall.pdf  but I don't have any access to the Internet from the box behind pfsense.

    I have a TWC modem with fixed IPs, let say 12.13.14.15/28  My gateway is 12.13.14.15  which is connected directly to my pfsense box NIC0(WAN).  NIC1(LAN) then connects directly into a server.

    I've set my  WAN interface to static with 12.13.14.16 and gateway of 12.13.14.15/28  I'm not blocking private networks.

    On the LAN Interface I have it set to static with an IP of 192.168.4.1/24 and a gateway of LANGW -12.13.14.15 and I've cleared the boxes so Private networks are not blocked.

    I can go from the outside to the hosted websites on the server, but I can't go from the server to anywhere at all.  Any suggestions?  And yes, I'm new.  Everyone is at some  point and it's my turn.



  • Wow, that guide is for a REALLY old version of pfSense.  The concepts are the same though.

    The issue that pops out at me is that your LAN interface is not the same network as your WAN.  Try changing the LAN config to 12.13.14.17/28 and your server to 12.13.14.18/28 and see if things start to work.  Also make sure you don't have any rules setup that will block traffic.



  • Yes, I saw it was for Version 1 but it was still the best one I was able to find for transparent mode.  I spent a few hours looking for something for the current version but couldn't find it.  I figured most of the stuff was still the same and a bit of common sense allowed me to fill in the blanks.

    I wondered about that LAN network range when I did it.  I double checked the rules  but didn't change the network range.  Guess I should have.

    So I've changed it to a fixed IP, say  12.13.14.17/28    When I got to findmyip.com it reports that it's 12.13.14.19    If I change the LAN to 12.13.14.19 however I then lose connectivity.  I'm guessing because that's my WAN IP and I can't set the WAN and LAN to be the same.  My WAN setting in pfsense i 12.13.14.16 (one IP higher than the gateway).  But it's working, so I guess I should leave it alone.



  • An IP finder site will report the IP of the router if you are using NAT and the IP of the computer if you are bridged or publicly-routed.

    In your case, if you are getting .19 from findmyip.com then that must be the IP you assigned to the server.



  • OK. Got some help with this over the weekend (thank you Glenn! and Chris!).  The problem is Time-Warner.  They aren't allowing pfsense to actually act as the router on my IPs.  Instead they're being the gateway and giving the pfsense machine a single IP address so it's not acting as a gateway.  The Time-Warner support people were of absolutely zero help or assistance and refused to put the modem into a true bridge mode for us.  I'm so glad Glenn and Chris were able to make it work anyway.    Time-Warner has again found a way to disappoint me as a customer but they're the only high speed provider in this area.  I guess that's why their service is so bad.


Locked