3rd LAN doesn't work



  • Hello to all,
    I want to ask if anyone can give me a hand with a problem that is probably simple, but which I cannot get on top of.

    I have pfSense 2.0.2 installed on an appliance that has 5 NICs. I have used it for a long time and have never had problems. The configuration that I use is very simple:

    1st NIC

    • WAN 192.168.1.10/24
      with the default rules (Block private networks, Block bogon networks)

    2nd NIC

    • LAN1 10.1.1.1/8 (with DHCP)
      Anti lockout rule
      Proto: any - Source LAN - Port: any - Destination: any - Port: any

    3rd NIC

    • LAN2 172.16.0.1/22 (with DHCP)
      Proto: UDP - Source LAN2 - Port: any - Destination: (my primary dns provider) - Port: 53
      Proto: UDP - Source LAN2 - Port: any - Destination: (my secondary dns provider) - Port: 53
      Proto: any - Source LAN2 - Port: any - Destination: not LAN - Port: any

    In this way, from LAN1 I can access the internet and LAN2, from LAN2 only the internet.
    Again, so far it worked very well, including the DHCP leases to each network.

    I tried to activate an additional network card (LAN3 172.16.4.1/22), with the intention of having a new network (LAN3), separated from the others.
    The settings are:

    4th NIC

    • LAN3 172.16.4.1/22
      Proto: UDP - Source LAN3 - Port: any - Destination: (my primary dns provider) - Port: 53
      Proto: UDP - Source LAN3 - Port: any - Destination: (my secondary dns provider) - Port: 53
      Proto: any - Source LAN3 - Port: any - Destination: any - Port: any

    But here the problems begin: I cannot make it work in any way.
    Or better: the card is working (in the log it is UP and it responds to ping: Diagnostics > Ping), but connecting any device on the same network does not work (the LED indicates that the connection is active, but you cannot ping from a static address configured on the same network).
    Even if I do a ping from LAN1, address 172.16.4.1 responds correctly.

    I doubt that everything depends on the firewall, but the rule I put should not prevent anything …
    The firewall log does not show anything about it. I tried to activate the flag "Log packets that are handled by this rule" on all the rules of LAN3, but no error message is returned.

    What might it be?
    Is there any command that can help in the diagnosis in order to understand what the problem is?
    Thank you!



  • Do you have limitations from your ISP? Some ISPs like to limit how many clients can be on the internet via their connection.



  • I don't think limitations on internet connections are the problem. He states that he cannot even ping the pfSense machine from a computer behind that NIC. So it is either a configuration issue or a hardware issue. First thing I would do is reboot. Then, what I would do is to set up a tcpdump on the LAN3 NIC and see if packets are getting there. Do you have DHCP running on LAN3?

