[SOLVED] Need HEEELP! My server cannot be seen by the internet!
-
I would not thing so, but when ever you change IPs for web servers, you have to readjust rule and NAT. So, I would change your laptop to static so you know it will not change and then go from there. Also, remember that you also have to UVerse modem/router in the way as well and that might have been the cause.
pfSense is in front of a few website (I know all mine are) and there is not a problem at all. -
Then, when I added /wordpress again, it worked?!?!?!? It's like I had to "wake up" something (not the computer cause it's always on) by typing in the IP address alone and then the /wordpress to actually reach the site. What could cause that? Something in the pfSense device?
I imagine what you are seeing there is an uncleared state in the state table or a delay while the arp table updates. Once the remaining stuff times out the new address is reachable.
Steve
-
Would not be a problem if it is statically assigned. Just saying.
-
Yeah, what both of you say are right. Because the IP was assigned by DHCP, when the IP changed on the laptop most likely there was an uncleared state. As long as the server has a static IP I should be fine.
I've tested the pfSense device long enough. I'm gonna try to reinstall it over the weekend and directly plug in the server into the NIC. We'll see if that works. If it does then I'll know that the DHCP of the switch is interfering rather than working with the pfSense device.
I do have a question about the IP range for the LAN: Typically I set the pfSense device to 172.20.2.1 and then the range to 172.20.2.2 to 172.20.2.254. But at home I had it set to 172.20.2.1 to 172.20.2.255 . Which is correct or does it not matter?
-
Typically you want to exclude static addresses from DHCP. So starting at .2 is fine. I would start at 100 myself to give you room for statics.
-
You would normally not include 255 in the range because that's the broadcast address for the subnet. In fact it's slightly surprising that you were allowed to use it.
http://en.wikipedia.org/wiki/IPv4#Addresses_ending_in_0_or_255
It shouldn't make any difference though since you weren't actually using that address.Steve
-
Yeah, that's what I thought, Stephen, but it gave me no error. Whether it's actually using it or not or perhaps pfSense auto-discludes that address is something I don't know.
Unfortunately they configured the server at .45 , and I dunno what other devices are configured in the double, or single digit IP range. That's why I gotta go full range with the configuration :-\
I'm at the office and gonna see what a direct server connection does. Fingers crossed ;)
-
Good luck, I'm sending you positive vibes from across the pond! :)
Steve
-
Update: And IT WORKS!!! OMG!! OMG!! Seriously?!? BWAHAHAHAHAHAHAHAA!!! :o ;D :D 8) :)
So it has to be that sparkly new switch I bought. I mean it works with the rest of the building, just not with the server. Or it could be that DHCP thing I was talking about earlier. Should've bought a cheap, unmanaged switch. Why did I buy the awesome full managed switch?? I thought I could use it for future uses, but it's like I don't even need it when I got pfSense = <3
-
Nice! ;D
Sounds like you need to study the manual on the switch to understand whatever was causing the problem. Make sure nothing else is waiting to bite you later.
Managed switches are generally pretty useful to have though.Steve
-
Yes sir, that damn switch has already bitten me :P I just need to tame it and make him a good boy ;D
Oh I left out the part where configuring the pfSense device was easy. Too easy. Damn this was like Pie Easy! (cause we don't trust the cake ;) ) All I did was change the pfSense device port and then added a Nat rule to forward port 443 to the internal IP address, DONE! God the pain that switch put me though >:(
Once I figure this out I can finally move on to the Failover issue. Alrighty then, here I go! ::) :D
So how do I mark this as solved? Add [SOLVED] to the first post title?
-
All I did was change the pfSense device port and then added a Nat rule to forward port 443 to the internal IP address, DONE!
You may not even have had to do that, but it doesn't hurt to be sure.
Unfortunately since the forum update a while back post editing is limited to a few days so you may not be able to mark it solved yourself. Only a mod can do it.
Steve
-
Glad to see this saga is solved. ;D I marked it as such.