LAN NIC not installing?
-
Yes, 192.168.1.120 and 192.168.1.40 are clients connected to the switch behind pfSense.
Yes, I mean 192.168.1.155 (pfSense LAN) can ping 192.168.1.120 (LAN client).
I removed pfSense port forward.
pfSense > Dashboard > System Information > DNS server(s) > 127.0.0.1, 61.9.211.33, 61.9.211.1.
192.168.1.120 ping 192.168.0.2 error: Destination Host Unreachable.
192.168.1.120 ping 192.168.0.50 error: Destination Host Unreachable.
192.168.1.120 ping 8.8.8.8 error: Destination Host Unreachable.
192.168.1.120 ping google.com error: unknown host google.com.
192.168.1.120 ping www.google.com error: unknown host www.google.com.pfSense > Diagnostics > Routes > IPv4 >
Destination Gateway Flags Refs Use Mtu Netif Expire default 192.168.0.50 UGS 0 19565 1500 re0 61.9.211.1 d4:3d:7e:de:aa:48 UHS 0 8 1500 re0 61.9.211.33 d4:3d:7e:de:aa:48 UHS 0 8 1500 re0 127.0.0.1 link#6 UH 0 24 16384 lo0 192.168.0.0/24 link#1 U 0 1345 1500 re0 192.168.0.2 link#1 UHS 0 0 16384 lo0 192.168.1.0/24 link#2 U 0 23947 1500 re1 192.168.1.155 link#2 UHS 0 0 16384 lo0 -
Ok, the pfSense routing table looks OK. It's interesting though that the cable router has handed the ISP external DNS servers to the pfSense box rather than using itself. Can you ping either of those two IPs, 61.9.211.1 or 61.9.211.33, from the pfSense box?
If not then you could try using Googles DNS servers, 8.8.8.8 and 8.8.4.4, in pfSense instead. Enter them in System: General Setup: and uncheck the box 'Allow DNS server list to be overridden'.192.168.1.120 ping 192.168.0.2 error: Destination Host Unreachable.
192.168.1.120 ping 192.168.0.50 error: Destination Host Unreachable.
192.168.1.120 ping 8.8.8.8 error: Destination Host Unreachable.These imply that the clients cannot reach anything beyond the pfSense LAN interface. Even if NAT is broken somehow the WAN interface IP should still be pingable.
Is there anything in the firewall logs to suggest traffic is being blocked when you try to connect from a LAN client?
The other obvious thing would be that the clients have an incorrect gateway set (or no gateway at all). We've been over that before but you should check it again. The lan clients should have their gateway set to 192.168.1.155, the pfSense LAN interface IP.Edit: Hmm, reading back through the thread it looks like no-one mentioned having the LAN clients gateway set correctly so definitely check that if you haven't already. To have worked correctly with the wifi router they would have been set to 192.168.1.180 which is now incorrect.
Steve
-
It's working!
I changed the DNSes 61.9.211.1 or 61.9.211.33 which I had manually entered into pfSense.
I changed the LAN clients' Default Gateway to 192.168.1.155.One final question I have is how to put the wireless on the pfSense.
If I can remove the Wi-Fi router this will save on expensive electricity.
I'll just have to buy a larger switch.Looking to install Snort and Squid now…should be a bit smoother.
Thanks to all who helped advance science and curiosity :-)
-
Wireless hardware support in pfSense is limited, it should be much better in 2.2.
If you are looking for a wifi card to use as an access point in pfSense your best bet is an older Atheros model, one that is 802.11G only. Some Ralink USB adapters can also work well. See:https://doc.pfsense.org/index.php/Supported_Wireless_Cards
Steve
