Can't get internett access with pfSense



  • I have pfSense installed on a computer but when i try to connect it to the main computer it won't connect propperly. In the pfSense menu on the computer it say WAN -> ue0 -> v4/DHCP4 : 192.168.0.113/24
    Is this normal or shud it be an LAN also? When i connect it to the main computer i use an USB to ethernet adapter, is this ok or shud i have installed annother PCI lan card?


  • Netgate Administrator

    Hmm, not sure what happened to your other posts (or my replies). Anyway…

    @cessnas:

    In the pfSense menu on the computer it say WAN -> ue0 -> v4/DHCP4 : 192.168.0.113/24
    Is this normal or shud it be an LAN also?

    If it doesn't list LAN there then you haven't configured a LAN interface. ue0 is a USB Ethernet interface. I assume this box has some other type of NIC in it from your previous posts? If you had LAN assigned it would be shown, e.g.:

     WAN (wan)       -> fxp0       -> v4/DHCP4: 192.168.5.11/24
     LAN (lan)       -> bridge0    -> v4: 192.168.110.1/24
    
    

    The WAN interface is receiving an IP from something upstream and because you have only configured a single interface the webgui will be accesible at 192.168.0.113 from some other upstream client.

    At the pfSense menu, at the console, you have the option to assign the interfaces (option 1) just as you did in the initial setup. If you run that you can assign WAN and LAN interfaces assuming you have two NICs available for assignment. I think I asked before but what interfaces does it list as available?

    Steve



  • I reinstalled pfSense on the computer and did it right now. Now i have WAN and LAN, this is how it locks like:
    WAN -> ue0 ->
    LAN -> nfe0 -> V4: 192.169.1.1 /24
    Is this right? And i deleted the other post (sorry Steve). But the problem i have now is that i can connect to the PC just fine and enter the pfSense wizard. But i can't get internet access. Is it something i shud redo in the wizard?

    cessnas


  • Netgate Administrator

    Ah, good. So you have an onboard Nvidia NIC for LAN.

    The readout now indicates that, as you've said, the WAN is not picking up an IP. This could be because it's not set to use DHCP to receive it. Go to Interfaces: WAN: in the webgui. Make sure the 'IPv4 Configuration Type' is set to DHCP.

    Check you are seeing link lights on the USB device. You might need a cross-over cable if both ends are 10/100 ethernet.

    Steve



  • Ok. Now i have enabled the WAN interface and set the IPv4 to DHCP. But i still can't get internet to the main PC. This is how the setup is if it will help you find the problem. 
    From the Ethernet in the wall to the USB to ethernet into the pfSense computer (both seeing lights on the adapter glows and flickers).
    From the PC with pfSense on (only green seeing light glows) to the main computer (only the yellow light glows). Is the wiring right?

    cessnas


  • Netgate Administrator

    Looks right. Are you seeing the WAN interface get an IP address? Either at the console as you did before or in the webgui. Can you access the webgui?

    Steve



  • The WAN has got an IP addre in the Webgui but not on the pfsense computer.  But is WAN wierless? Because i don't have an wierless card in the pfSense computer.

    cessnas


  • Netgate Administrator

    No the WAN is using your USB-Ethernet adapter whatever that might be. If it is showing an address in the webgui then that's fine. You might find it will show on the console if you just redraw the menu by hitting return (without entering anything). I assume it's showing an address in the 192.168.0.X range?

    How are you testing for internet access? In the pfSense dashboard is it showing 'You are on the latest version' in the system information widget?

    Steve



  • Now in the pfSense consol it says:
    WAN -> ue0 -> V4/DHCP4 : 95.34.253.35/24
    LAN -> nfe0 -> v4: 192.168.1.1/24
    And for the internet test i just go to google.com. In the pfSense WebUi it don't say that it is the newest version.


  • LAYER 8 Global Moderator

    well if you client is connected to pfsense lan with an IP in the 192.168.1.0/24 network and using pfsense for dns (and pfsense gets a dns server to use) then it should be working and pfsense as its gateway.



  • Yeah. But what shuld i do to fix the problem i am having? I have connected the ethernet cable that goes into the pfSense computer into an router. Is this wrong? Shuld i connect it directly into the client internet box?


  • LAYER 8 Global Moderator

    What problem?  pfsense seems to have a public IP connection..  Any device that can talk to its lan IP, ie on its lan and using pfsense as its gateway should be able to use pfsense wan connection for internet.

    If you plugging pfsense lan into another router - which I would assume is NATTING, and quite possible could have pfsense lan network also on that routers lan - then yeah your going to have issues most likely and would be double natting.

    In a normal setup the pfsense lan interface would be connected to a normal switch - then devices connected to that switch would use pfsense as dhcp server, and dns and the gateway off the pfsense lan network.



  • If you read longer up in the topic you wil see that i have problems getting internet trough the pfSense computer. I can connect to the pfSense WebUi but i can't go on the internet and search google.com.
    PS. i am a noob so please don't use so many advanced words…


  • LAYER 8 Global Moderator

    How are you connecting to the pfsense web gui?  How is that machine connected to pfsense?


  • Netgate Administrator

    You have clearly moved the WAN connection since you're now seeing a public IP rather than the 192.168.0.X address you had earlier but what you've changed to is correct as Johnpoz said.
    If the dashboard is not showing 'You are on the latest version' but instead says 'unable to check for updates' the you have have a connection issue on the WAN side. Is it receiving that address via DHCP from a some upstream device, a cable modem perhaps?
    Go to Status: Interfaces: in the WAN section is it showing the correct gateway address? Is it showing DNS servers? Copy and paste the info if you want.
    Try running some ping tests from Diagnostics: Ping: Try pinging 8.8.8.8. Try pinging google.com. If neither of those work what is the actual output, more useful than 'it didn't work'.

    Steve



  • OK. Now i did what you said and restarted the firmweare. Now i have got internet! Thanks allot guys! But i still have one problem… The internet sucks in comparison of the router.
    Is this because i am running the ethernet cable that goes into the pfSense computer from another router? How is your setup of the cables?


  • Netgate Administrator

    In what way does the internet suck? (too much spam, trolls etc  :P)

    Check the system logs for errors.
    Often a very slow connection is caused by a duplex mismatch. Check the Status: Interfaces: page, make sure that both WAN and LAN are reorting 100Mbps (or 1000) and full duplex.

    Steve



  • Both the WAN and LAN are running in full-duplex/ 100mb. But i ask you agian, how is your cable setup? I think i have set my cables up wrong.


  • LAYER 8 Global Moderator

    cables setup wrong?

    modem – wan pfsense lan -- switch - devices


  • Netgate Administrator

    Yup same here. You might have a separate modem or a combination modem/router in bridge mode but you have managed to get your public IP onto the pfSense WAN and that's correct.

    Is the connection slow?

    Steve



  • My setup is Modem -> Router -> pfSense computer -> main computer
    Is this wrong?


  • LAYER 8 Global Moderator

    and how is your pfsense getting a public IP if behind your router?

    That setup is kind of pointless if you ask me, since pfsense is designed to be the edge firewall/router.

    Are you just using your routers lan ports as a switch.. What are the make and model numbers of your modem and router?

    So you computer is just directly connected to pfsense lan port?  Doing auto crossover, crossover cable?

    Don't you have any other computes/devices that you want to connect to the internet - how are they going to get to the internet with that sort of setup?



  • In my house we have an router to do the wifi stuff, but since my room is so far away from the router my internett is bad. So i wanted to use an old computer here up on my room to make my self an own internett. Thats were pfSense comes tyo good use. But i don't know witch LAN port i shud use to connect the pfSense computer to the internett.
    So my modem is a thomson tcm 470, and my router ia an D-link dir-655.


  • Netgate Administrator

    It would be better from a security and flexibility point of view to connect like this:

    TCM470 -> WAN-pfSense-LAN- -> DIR-655 (running as a switch/AP only) -> client machien

    However you may not be able to do that given the layout of your house. If you connect it like this:

    TCM470 -> WAN-DIR655-LAN -> WAN-pfSense-LAN- ->  client machine

    Then you will be double NATing as Johnpoz pointed out. Some things may cause problems but mostly it should work fine.

    You still haven't said what was bad about the connection when it worked?  :-\

    Steve



  • When the internet conection was bad i ment that if i was connecting to the router i vould have 10 ping and 22mb down but if i used the pfSense i had 21 ping and 11 mb down. But if i try the setup that you sudgested does i have to reinstall pfSense? I am also using those thing that takes your internet trough the powerline of the house so i can connect however you sudgest.


  • Netgate Administrator

    No you don't have to re-install pfSense. You don't even have to reconfigure it since it's using DHCP for WAN in both cases.

    Those Ethernet over Powerline boxes can give trouble. I've seen both random disconnects and connection speed far less that advertised. You should try to setup a test with direct connections even if just temporarily. Have you been using them for some time are they also a new addition to your network?

    Steve



  • Yes the boxes are new. But do you sudgest that i go down stair with the pfSense computer and try to connect it directly into the TCM 470? And the powerline boxes are new but seem to work great.


  • Netgate Administrator

    Yes, just as a test I would connect it directly without the powerline boxes. They may well work fine but when you change too many things at once you can never be sure what's causing problems.

    Steve


  • LAYER 8 Global Moderator

    "So i wanted to use an old computer here up on my room to make my self an own internett"

    What??  Juts run a connection from your router is all you need - you don't need another router to add a client to your network.

    You have NO need for pfsense to add a device to your network.



  • Yes, i know i don't realy need the extra pfSense computer for evryday use. But when i am hosting a LAN party the internet realy sucks because of the overload on the router.


  • Netgate Administrator

    You would be able to mitigate that to some extent using the traffic shaping features of pfSense but all the traffic will still be going through the router.
    If that is your main purpose for using pfSense you will be much better off connecting it directly to the modem.

    Steve


  • LAYER 8 Global Moderator

    So you think pfsense is going to make your internet faster?  If your router can not handle the connections then replace it with the pfsense box sure - use your old router as just an AP for wireless then.

    On a side note – what does a "LAN" party have to do with your router or the internet in the first place - all that is required for a LAN party is a switch ;)


  • Netgate Administrator

    Ha! Good point.  ;)
    I guess many games require a continuous internet connection these days even if the server is hosted locally.

    Steve



  • @cessnas:

    My setup is Modem -> Router -> pfSense computer -> main computer
    Is this wrong?

    Switch it to:

    (Modem) -> (pfSense) -> (WiFi Router) -> (rest of LAN)

    The way you have it all your WiFi devices are skipping pfSense and going straight to the WiFi router and then out to the Internet.  Put pfSense as the most "upstream" or perimeter device.  So immediately downstream from the modem.


Log in to reply