New pfsense 2.1 RC0 install no Internet from LAN
-
Hello - maybe some can help direct me to another thread or answer directly.
I've got a brand new pfsense install (version 2.1) on a jetway Quad NIC board with and additional dual NIC pci for eventual DMZ /LAN segments.
Configuration so far:
1. I have disabled all interfaces with the exception of 1 WAN and 1 LAN interface.
2. pfsense WAN interface (re0) has a static IP from my cable provider 108.x.Y.210/29 with gateway 108.x.y.209 ( which is e cable modems internal IP)
3. pfsense LAN interface (re5) is assigned to 192.168.1.2/24 with gateway 192.168.1.2
4. Pfsense LAN interface is connected to an unmanaged switch
5. PC physically connected to the same switch with static IP 192.168.1.122/24
6. DNS for the main WAN interface has been setThe following is working successfully:
1. I can ping from PC to Pfsense LAN interface
2. I can ping from PC to pfsense WAN interface
3. I can ping the internet from Pfsense webgui
4. I can resolve DNS from webgui in pfsenseI cannot ping from PC to Internet???
Can anyone kindly point me in the right direction or offer some help..I'm sure it's something simple, but have been wrestling with this for a couple of hours now.
Thanks in advance.
Jeff
-
Your setup description sounds fine.
There should be a default "allow all" rule on LAN. Is it still there?
Is Firewall, NAT, Outbound still set to Automatic outbound NAT rule generation?
(These are the defaults and will make LAN talk to the internet)
Post some screenshots of your LAN rules. -
Thanks for the reply.
Everything still seems to be as is should after the 'default' installation.
NAT is automatic and 'allow' all on the LAN.
Take a look at the pics..Any ideas?
Thanks again!
-jeff
 -
What if you enable the "IPv4 Default allow LAN to any rule " ???
-
Not sure why it as disabled, but even after enabling and applying. Still can't ping Internet. From PC???
Do I meet or reboot the pfsense box?
Tx
-
GW on Lan ??? Any particular reason for that ?
3. pfsense LAN interface (re5) is assigned to 192.168.1.2/24 with gateway 192.168.1.2
Usually you Don't need it :o
-
At worked! Thanks so much..
I guess I'm used to the retail routers where u need to define a gateway to route the traffic on all interfaces. Do u know why I don't need one defined or if the explanation is too long.. If you could point me to a book or article :)
Thanks again..saved the day!
-
From the point of view of LAN clients, the pfSense LAN IP is their gateway. But from the point of view of the pfSense, there is no gateway on the LAN - i.e. there is no other router on the LAN through which other networks can be reached.
If there is another router on the LAN (e.g. I have some test networks behind another pfSense on my LAN), then ou define a gateway for LAN and add some static routes to tell pfSense what networks are reached behind that gateway.
A gateway in pfSense is an address through which other networks can be reached - mostly gateways are "real" WANs, in the sense that the whole public internet can be reached through them. -
Thanks Phil! that makes sense.
