Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Simple test lab, no connectivity

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    4 Posts 2 Posters 1.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • W
      w2irt
      last edited by

      Hi all,
      I'm trying to use pfSense for a simple test lab of virtual machines under Virtual Box. Configuration looks right but LAN clients can't access the real world. You can't really ask for a simpler configuration:

      House LAN is on the 192.168.1.0/24 network, using a Verizon FiOS ActionTec router who's LAN side is 192.168.1.1.
      Test lab is on a machine with a static IP of 192.168.1.3
      Default Gateway is the ActionTec, on 192.168.1.1

      On Virtualbox, adapter one is set to Bridged (using the host PC's wired NIC). Adapter 2 is set to Internal Network (intnet). I'm using Virtualbox version 4.3.6 loaded on a Win7/64 host machine.

      em0 is set to a static address, on the "WAN" (House private IP) side, to 192.168.1.253/24, Gateway 192.168.1.1
      em1 is set to a static address, on the test network LAN side, to 192.168.10.1/24.

      Initially pfSense pulled a valid IP of 192.168.1.19 from the house DHCP server, but I changed that to a static IP.

      From the pfSense Command line/console:
      I can login via the https protocol from machines on the test LAN.
      I can ping external names and external IP addresses.
      I can ping internal IPs (but not hostnames)
      I can traceroute to external IPs and domains.

      From a client on the test lab's LAN (192.168.10.anything):
      I can ping the LAN side of pfSense (192.168.10.1)
      I can NOT ping the WAN side (192.168.1.253)
      I can NOT ping anything on the 192.168.1.x network
      I can NOT ping anything external, ALTHOUGH, if I enter a domain name, it WILL resolve the domain, but not successfully ping it.
      In other words….

      ping cnn.com

      Pinging cnn.com [157.166.266.25] with 32 bytes of data:
      Request timed out
      Request timed out
      Request timed out
      Request timed out

      Ping statistics for 157.166.226.25
          Packets: Sent = 4, Received = 0, Lost = 4 (100% loss)

      This is about as far as I can go. Obviously domain resolution is working but nothing else. I'm sure it's something simple, but nothing I've found online says to do anything differently than I've done. Any help greatly appreciated! Thanks!!

      Cheers,
      Peter

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        Did you enter a gateway on the LAN interface? That would cause this behaviour. There shouldn't be one.
        If you did remove it from LAN and then go to System: Routing: and make sure it's not there either and that the WAN gateway is  set as default

        Steve

        1 Reply Last reply Reply Quote 0
        • W
          w2irt
          last edited by

          OK, there was a LAN gateway setup, but when I removed it it still did not work. I reloaded from scratch, ensuring there was no LAN gateway set up and still nothing.

          EDIT: Found the problem. RFC1918 was blocked by default. Since my "WAN" interface is actually on my internal LAN side of the real-world gateway (192.168.1.1). I wish that was part of the initial setup option from CLI–itwould have saved me a day of grief!

          1 Reply Last reply Reply Quote 0
          • stephenw10S
            stephenw10 Netgate Administrator
            last edited by

            The blocked rfc1918 rule will not prevent access to the WAN from the LAN. It should not have caused this problem.
            Anyway glad you're good.  :)

            Steve

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.