No Internet Connection ?



  • Ok so I'll start off by saying, Yes I was here before, Yes I had a pf Sense box running but I had to re purpose that machine…I do thank Steve and Bob for helping me but I have a new problem, I built a new machine it uses and old Asus board, a P4 2.66ghz CPU, 512 Mb of RAM, a 40 GB HDD for the OS, an add on NIC, and a add on WirelessNIC that I haven't setup yet.

    So I am at the stage where I am trying to make the system take a connection and send out another, but that is it not further, ( If that doesn't make sense I am sorry, I am not sure how to explain it ) I have setup WAN, as well as LAN but I can't get data through, I have these interfaces setup as such,

    WAN (wan) ->bfe0 -> v4: 192.168.1.153/24 Static IP, (This is used for the line in if you will)
    LAN (lan) ->xl0 -> v4: 192.168.4.1/24 Static IP, DHCP Server is enabled, I have set the firewall rule to allow any connections through but I think that might change, I have to look into the menu a bit more, (This was for the line out if you will)

    OPT1 will be the WIFI NIC If I remember correctly, but for now I would just like to connect with wired,

    I can connect to it through the second NIC (xl0), I do have to change me PC IP and Gateway IP accordingly, ( 192.168.4.6  -  192.168.4.1 )

    I can then go through the menu's as I would normally, I can set the rule, I can change IP's, I started the DHCP server for the card on the Console during install,

    I just don't understand why I don't have any internet access from my PC to the World,

    If you need anymore info then just ask, I honestly think you will, I also think that when I get the answer it is gonna be something so obvious that it is stupid, but if it is fixed then i'm happy,

    Thanks in advance

    Nathan



  • Have you set a default gateway? (What is the IP address of the system on your WAN subnet, 192.168.1/1/24?)

    Without a default gateway your pfSense box won't know where to forward packets so they get on the Internet. You chose static IP for WAN which means you need to provide default gateway AND IP address of DNS.



  • Yes I did, it is setup as you said, 192.168.1.1/24, however I don't see any thing about DNS though is it somewhere else other then Interfaces:Wan ?


  • Netgate Administrator

    It's in System:General Setup: DNS servers.
    Does your pfSense box have an internet connection itself? Does it say 'you are on the latest version' or 'unable to obtain update status' on the dashboard?

    Steve



  • Well I did manage to find the DNS section but I am not sure what to put there do I just use the IP of the network card ? or do I use something like Googles DNS servers, ?

    At the moment it says "Unable to check for updates" but I know I have it wired correctly so I am doing something wrong in the software side,

    Nathan


  • Netgate Administrator

    If you don't have and DNS servers defined then pfSense can't lookup pfsense.org to find updates. Also clients won't be able to resolve any IP addresses.
    In the DNS field you would normally put in the address of the WAN side DNS servers. These could be your ISPs DNS servers or Google's servers or the DNS forwarding service in your upsteam modem/router. Since your WAN address is a private IP I would suggest putting in the address of your upstream gateway.

    Steve



  • Thanks for the quick reply, I am a little lost if I were to use Googles DNS servers,  would I put 8.8.8.8 in 1 line then 8.8.4.4 in another ? Well never mind about that …. 8.8.4.4 is the alternate DNS server, I will give it a shot, Ok, I added 8.8.8.8 on the Gateway I made for WAN but I still can't access anything, It is still reading, "Unable to check for updates". In the section for DNS Server(s) in the Dashboard it has 127.0.0.1 listed and then 8.8.8.8 listed, I am not sure where to go from here.

    Nathan


  • Netgate Administrator

    Ok, back to basics.  :)
    What is connected to the WAN interface? What is it's IP address? (I assume it's 192.168.1.1) Why are you using a static IP for WAN?
    You need to check the connection at each stage systematically. Starting with trying to ping whatever is the next hop on the WAN side from the pfSense box. Then try pinging google's DNS servers then google.com. That should tell you what is working and what's not.

    Steve



  • I have WAN on a static IP of 192.168.1.153, It is receiving from a Router with the IP of 192.168.1.1 as well I used the Ping host option on the pfSense console, I pinged Googles DNS servers and I sent 3 packest and I received 3 of them so I guess that works, I pinged the router, all is fine, but when I tired to ping my PC it failed… Is that normal ? My PC is on 192.168.1.6 right now, I am going to change it to 192.168.4.6 and try to ping it then, still wasn't able to ping it, any ideas now ?

    Nathan



  • @nathan715:

    My PC is on 192.168.1.6 right now, I am going to change it to 192.168.4.6 and try to ping it then, still wasn't able to ping it, any ideas now ?

    Please post the ping command and response. That combination is nearly always more informative than "not able to ping".

    You previously said:
    @nathan715:

    I can connect to it through the second NIC (xl0), I do have to change me PC IP and Gateway IP accordingly, ( 192.168.4.6  -  192.168.4.1 )

    Is that still true?



  • For the Ping command all I do is press 7 on the console then type in my IP 192.168.1.6

    the response it,

    PING 192.168.1.6 (192.168.1.6): 56 data bytes

    –-192.168.1.6 ping statistics ---
    3 packets transmitted, 0 packets received, 100% packet loss

    Press ENTER to continue.

    And yes If I change my IP to 192.168.4.6 I can connect to 192.168.4.1 (what I assigned the second NIC )



  • Its important to get the details correct. Your PC with IP address 192.168.1.6 is conected to the pfSense LAN interface?



  • Yes, It is, I though I said that already, or at least though that would have been obvious, but yes it is connected there,



  • @nathan715:

    or at least though that would have been obvious,

    I suspect this connection would not have been obvious to someone who understands subnets and how routing works.

    You ping 192.168.1.6. The ping goes out on the interface on the subnet of which 192.168.1.6 is a member - in this case the WAN interface.

    Your PC needs to have an IP address in the subnet of the pfSense interface to which it is connected.



  • @nathan715:

    I am going to change it to 192.168.4.6 and try to ping it then, still wasn't able to ping it, any ideas now ?

    Nathan

    I have, I had no luck,



  • What is the response to pfSense shell command:```
    ping -c 5 192.168.4.6 ; arp -a -n



  • Sorry it took me so long to get back to you, I was very busy, But here it is,

    [2.1-BETA0][root@pfsense.localdomain]/root(1): ping -c 5 192.168.4.6;arp -a -n
    PING 192.168.4.6 (192.168.4.6): 56 data bytes

    –- 192.168.4.6 ping statistics ---
    5 packets transmitted, 0 packets received, 100.0% packet loss
    ? (8.8.4.4) at (incomplete) on xl0 expired [ethernet]
    ? (192.168.4.6) at 00:14:22:34:d7:1f on xl0 expires in 992 seconds [ethernet]
    ? (192.168.4.1) at 00:04:75🇩🇪a1:2f on xl0 permanent [ethernet]
    ? (192.168.1.1) at 30:85:a9:3a:4a:a8 on bfe0 expires in 1200 seconds [ethernet]
    ? (192.168.1.153) at 00:e0:18:ba:c0:52 on bfe0 permanent [ethernet]
    [2.1-BETA0][root@pfsense.localdomain]/root(2):

    It was an annoyance to type out but there it is,

    Nathan



  • The ARP data shows at the time a MAC address for 192.168.4.6 was known. Is that MAC address correct? Is that system enabled to respond to pings?

    The following ARP entry has me curious:
    @nathan715:

    ? (8.8.4.4) at (incomplete) on xl0 expired [ethernet]

    That suggests that at some time in recent past your pfsense thought 8.8.4.4 was on the same subnet as xl0! What netmask do you have on your interfaces?

    Perhaps you have been tweaking various things and the system has some memory of various tweaks that have not been completely undone.

    I suggest you reboot your pfSense box and attempt to ping 192.168.4.6 again. If you don't get a ping response then check the PC is configured to respond to pings and try pinging the pfSense box from the PC.


Locked