Having a tough time understanding why this setup doesn't work…
-
Hello all,
I have a Comcast Business Connection to start, and am trying to setup pfsense behind the SMC Gateway they give (Yes, it's in bridged mode, don't worry) Here's the lowdown:
Comcast IP information:
IP's: 198.0.212.65 - 69, Netmask: 255.255.255.248 and 198.0.212.70 as GWSMC LAN: 192.168.1.1
pfsense:
WAN: 198.0.212.68/29
GW: 192.168.0.70
LAN: 192.168.10.1
GW: ? (I've tried filling 192.168.10.2, x.x.x.1, nothing seems to work)Now. From the pfsense firewall itself… it has DNS servers set of 8.8.8.8 and 8.8.4.4
And when I go to ping traffic from the WAN interface, it can't lookup anything (oddly). BUT.
When I ping an external IP address? It works.From the LAN interface, I get nothing at all. Same from a computer on the LAN interface as well.
Can someone guide me in the right direction? What am I doing wrong here?
-
Unless you have down stream routers that you need to go through to access other local subnets you should not have any gateway set on LAN. After you remove it from the LAN interface setup page you should check in System: Routing: Gateways: to make sure it's been removed from there and that the wan gateway is default.
Steve
-
Go to system->Routing.
Ensure that your WAN gateway (198.0.212.70) is set properly (add it if you haven't got it).
Now go to Firewall->NAT->Outbound and check that you have rules to NAT to 198.0.212.68.
If not, set manual outbound NAT, then add a rule to NAT your LAN subnet to 198.0.212.68 on WAN interface, uncheck 'static port'.
If you have more than 1 IP set on the WAN interface via Virtual IP, you need to select 198.0.212.68 under the Translation dropdown box.
i.e.
Create a rule with: Interface: WAN, Protocol: ANY, Source network type: Network, Address: 192.168.10.0/ 24?, Translation address: Interface address (if using VIP, select your VIP IP here).Go to Firewall->Rules->LAN. Check that you have a default rule to allow access from LAN subnet to any protocol, any destination. If you don't have this, set it up.
That should work for most part.
-
Go to system->Routing.
Ensure that your WAN gateway (198.0.212.70) is set properly (add it if you haven't got it).
Now go to Firewall->NAT->Outbound and check that you have rules to NAT to 198.0.212.68.
If not, set manual outbound NAT, then add a rule to NAT your LAN subnet to 198.0.212.68 on WAN interface, uncheck 'static'.Go to Firewall->Rules->LAN. Check that you have a default rule to allow access from LAN subnet to any protocol, any destination. If you don't have this, set it up.
That should work for most part.
This was completely the issue, figured it out about an hour ago after searching for 'basic internet connectivity pfsense' on google. Thank you guys very much!
