Pfbox set as the router pc > no LAN internet out



  • Hi,

    I set up my sister a new pfbox with her new ISP subscription at home. The ISP did not issue a router but a modem together with a static IP that you need to input to your PC's TCP/IP in order to get connection.

    On her pfbox, I set up the ISP configuration hoping the pfbox would serve as a PC router. It does work, but the internet connection is just within the PC. It won't release any internet from its LAN connected to a hub.

    What's wrong?



  • Did you set up the gateway and DNS for the WAN connection?



  • Yep, I did. The DNS and gateway came from the ISP company. The ISP co gave my sis 13 usable static IPs.

    I have 2 NICs, the one I used as the WAN and the other the LAN. I installed the pf via VB. The pfbox shows a WAN IP and LAN IP.

    I can browse within the host PC, but when I connect the LAN to switch hub, all her laptops connected from the switch hub can connect to the internet or say it shows to internet at all. So I must be missing something.



  • So you are using pfSense within a VM? And the host PC can access the internet but not other PCs hooked to the LAN of this machine? If that's the case, it is a faulty configuration of the VM network, not pfSense.



  • I don't think it's a fault from the VM, since if I change the internet source, hooking up from a DSL router, I would get internet from the host LAN and connect it to the hub and 3 PCs would connect, but if I change it to the new ISP (the one with a modem only) then I don't get internet from the hub. Here's my network map:

    Working:

    DSL router > pfsense > HUB > clients

    No connection:
    modem > pfsense (configured with ISP static IP with gateway and DNS) > HUB > client

    So I guess I must have missed something in the pfsense config.



  • Ok, I have found the missing link!

    Just sharing (I know experts knew this already) from my experience.

    In my host machine I installed 2 NICs, the onboard would be the 3rd LAN.

    I am running pfs as guest OS via vbox.

    For the longest time, I was using an ADSL internet source, so it's a DHCP thing where once pf is installed and the correct NIC was bridged as WAN, the WAN would automatically obtain its own connection, hence a WAN IP.

    When I upgraded to a leased line, my ISP gave me static IPs. Here came the problem. I thought I had to configure my physical NIC with the static IP, and thinking that it was bridged as NIC WAN, it would recognize the static IP, but I WAS WRONG.

    It does nothing but a big fat NO INTERNET CONNECTION.

    You see, I have no academic background on networking or system integration etc. I only learn it by myself the basics of pfs and some networking stuff.

    So, what I did is I tried to configure the pf WAN interface with static IP, say xx.23 in my physical NIC then xx.24 in the WAN interface, but nothing happened.

    The elimination round:

    I set the physical NIC, bridged as WAN, to obtain and Whoa!!!! I got a connection!

    So I learned that if you have a static IP, just configure it at the pf WAN interface and leave the physical NIC alone.

    But here is a puzzle for me, it seems pf auto hides my physical NIC so that I can no longer see it from Network and Sharing center. The only NIC that appears is the LAN physical NIC and the VirtualBox Host Only Network.

    Well I don't know why. If somebody would share as the logic of it, I would be very grateful and if you could also tell me the use of the "VirtualBox Host Only Network" that appears like a NIC, please bear with a non-techie person like me.

    I love learning new things and these are new things to me.


  • Netgate Administrator

    The host OS should not be able to see the WAN NIC if it is bridged to the pfSense VM, as you've seen. You can't have more than one OS attempting to control the IP properties of the NIC.
    It would be best to have the IP settings on the WAN NIC set to 'none' in Windows but there isn't an option for that. Instead, if you look at the WAN NIC properties it lists the protocols being used by the NIC. It should list 'virtual box' something (I can't remember exactly what it's called); that's the only protocol required. If you want you can disable the other protocols so that Virtual Box is the only thing that can use that NIC. However, if it ain't broke….  ;)

    Steve
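
Added example, not part of the thread: the protocol cleanup described in the last reply, scripted in PowerShell (NetAdapter cmdlets, Windows 8 / Server 2012 or later, elevated prompt). The adapter name `WAN` is an assumed placeholder, and identifying the bridge driver by a display name containing "VirtualBox" is also an assumption to check against your own adapter's properties list.

```powershell
# Leave only the VirtualBox bridge driver bound to the NIC that is bridged
# to the pfSense WAN, so the Windows host itself has no IP stack, file
# sharing or discovery protocols listening on the internet-facing wire.

# Assumption: Windows name of the physical adapter bridged as pfSense WAN.
$WanAdapter = 'WAN'
# Set to $true to make changes; $false only reports what would change.
$Apply = $false

# Bindings as shown in the adapter's Properties dialog.
$bindings = Get-NetAdapterBinding -Name $WanAdapter -ErrorAction Stop

# Assumption: the bridge driver's display name contains "VirtualBox".
$bridge = $bindings | Where-Object { $_.DisplayName -like '*VirtualBox*' }
if (-not $bridge) {
    throw "No VirtualBox binding found on '$WanAdapter'; nothing changed."
}

# The bridge driver must stay enabled or the VM loses its WAN link.
foreach ($b in $bridge | Where-Object { -not $_.Enabled }) {
    Write-Host "Enable : $($b.DisplayName) [$($b.ComponentID)]"
    if ($Apply) {
        Enable-NetAdapterBinding -Name $WanAdapter -ComponentID $b.ComponentID
    }
}

# Everything else (IPv4, IPv6, Client for Microsoft Networks, file and
# printer sharing, LLDP, ...) is not needed by the host on this NIC.
$others = $bindings | Where-Object {
    $_.Enabled -and $_.DisplayName -notlike '*VirtualBox*'
}
foreach ($b in $others) {
    Write-Host "Disable: $($b.DisplayName) [$($b.ComponentID)]"
    if ($Apply) {
        Disable-NetAdapterBinding -Name $WanAdapter -ComponentID $b.ComponentID
    }
}

# Final state for review.
Get-NetAdapterBinding -Name $WanAdapter |
    Sort-Object Enabled -Descending |
    Format-Table DisplayName, ComponentID, Enabled -AutoSize
```

With `$Apply = $false` the script only lists the planned changes; the static IP, gateway and DNS stay configured on the pfSense WAN interface, not in Windows.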

