Many problems upon fresh installation pfSense 2.1 64bit



  • Hi, I just installed pfSense on a PC with 2GB RAM, a dual-core CPU and a 160 SATA HDD. It had only one PCI slot for a 2nd NIC.
    Installed packages: squid3, then replaced it with squid because of the issue I am about to describe, then I gave up on the proxy and uninstalled it completely.
    Now I have installed snort and pfBlocker and forwarded a bunch of ports from my LAN. I used the free Oink code for snort, and common lists for pfBlocker.
    I have it like this:
    A wireless ISP device which provides me a static PUBLIC IP. It's plugged into the pfSense WAN port, configured manually (static). Then comes the LAN NIC, which is also static but DHCP is enabled. It's on 192.168.1.1 and that's the WebConfigurator IP too. Works fine. The LAN NIC goes to a Gigabit switch and on to other devices.

    So:

    ISP RJ45 - pfSense (static WAN) - LAN (DHCP on) - switch - client

    Now, problems I have;

    • I cannot access my web, forum or phpMyAdmin from the LAN at all. It was like: 192.168.1.205, hit enter and I'm in there, no problems. But now it loads until doomsday - never
    • Common video streaming webpages are gibberish; like 90% of the time they load only fonts, no ads, no pictures, thumbnails, and I cannot start a video at all. Or if they are Java, it says "application blocked by security settings". But sometimes I can load them without any problems and it works really nicely. It's random.

    I have

    • two Dynamic DNS services on the same static IP. I was using them on a WRT54GL with Tomato without problems
    • a webpage and forum running at 192.168.1.205 (it's accessible from outside, but not from the LAN). Not even if I use the domain
    • a Minecraft server hosted (TOTALLY FREE, NOT EVEN DONATION BUTTONS) on another device at 192.168.1.203:25565 - that works too, even from outside on both the public IP and the domain without a port specified (it should work like that).
    • I can connect to the Minecraft server at 192.168.1.203:25565 - no problems
    • switch to WRT54GL, where WAN is on DHCP so I can use the WiFi radio from it on a different IP range, 192.168.0.1 - works fine
    • Ping works fine to every IP, host - whatever
    • On the web and Minecraft servers I stated static IPs; others are resolved by DHCP.

    I just want to solve that streaming problem so I see pages properly. It's a real shame to have this good device and not be able to load YouTube?! And who knows what else I block so far.

    I'm aware that I need to tweak some Firewall/NAT settings, or even DNS. But I'm not that advanced and I'm seeking help. If anyone is willing to check what's happening on my device and help me configure it properly, I owe a beer :)
    Please forgive me if something is not clear enough; I wish my English were a bit better, but I'm doing my best.
    If someone has the time and nerves to help me, please tell me what screenshots you need and I will put them on Dropbox or such.



  • @ha11oga11o:


    Now, problems I have;

    • I cannot access my web, forum or phpMyAdmin from the LAN at all. It was like: 192.168.1.205, hit enter and I'm in there, no problems. But now it loads until doomsday - never
      ...
    • a webpage and forum running at 192.168.1.205 (it's accessible from outside, but not from the LAN). Not even if I use the domain
      ...

    Depending on how your webserver is configured (Apache with vhosts comes to mind), if you want to access your server via a host on the LAN, you'll need to enable NAT reflection. This can be done in [System > Advanced > Firewall/NAT]. There are options near the bottom of the page that you want to set:

    • NAT Reflection mode for port forwards: Enable (Pure NAT)

    • Enable automatic outbound NAT for Reflection: Checked

    Then you should be able to reach your server via its web address, e.g., www.mydomain.com

    As for your other problem, packet loss could be a cause, but it certainly isn't the only thing that could cause what you are experiencing. Check that your connection is not dropping a terrible amount of packets at times when you cannot reach streaming sites by using the ping command. Remember that some devices will not respond to pings, so if you see 100% packet loss, the device is probably configured to not respond to pings and you won't be able to get any useful information from that particular connection. If that is the case, try pinging another device on the internet, something that is pretty reliable, like www.google.com
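
Why the answer above sets both reflection options, as an added example that is not part of the original thread: a simplified Python model of one connection from a LAN client to the public IP. The public IP 203.0.113.10 and the client 192.168.1.50 are constructed placeholders; the other addresses come from the thread, and the model assumes client and server share the LAN subnet.

```python
from dataclasses import dataclass

WAN_IP = "203.0.113.10"   # constructed placeholder for the static public IP
LAN_GW = "192.168.1.1"    # pfSense LAN address (from the thread)
SERVER = "192.168.1.205"  # web server (from the thread)
CLIENT = "192.168.1.50"   # constructed LAN client address


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str


def lan_to_wan_ip(reflection: bool, outbound_nat: bool) -> str:
    """Trace one request from a LAN client to the public IP and classify it."""
    request = Packet(src=CLIENT, dst=WAN_IP)

    # Without reflection the port forward only matches traffic arriving on WAN,
    # so a request coming from the LAN side is not redirected to the server.
    if not reflection:
        return "timeout: request never redirected to the server"

    # NAT reflection: the destination is rewritten to the internal server.
    forwarded = Packet(src=request.src, dst=SERVER)
    # Outbound NAT for reflection: the source becomes the firewall's LAN address.
    if outbound_nat:
        forwarded = Packet(src=LAN_GW, dst=forwarded.dst)

    # The server answers whoever appears as the source of the request.
    reply = Packet(src=SERVER, dst=forwarded.src)

    if reply.dst == LAN_GW:
        # The reply passes back through the firewall, which undoes both rewrites.
        reply = Packet(src=WAN_IP, dst=CLIENT)
    # Otherwise the server sits on the client's subnet and replies directly,
    # bypassing the firewall, so the source address is never translated back.

    # The client only accepts a reply from the address it connected to.
    if reply.src == request.dst and reply.dst == request.src:
        return "ok: reply matches the client's connection"
    return f"dropped: client expected {request.dst}, reply came from {reply.src}"
```
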



  • Heya,

    many thanks for the kind response. I did what you suggested and it seems that the web itself works now. As for the bad streaming - it was the snort package: I was in a n00b rush and didn't read the beautifully created step-by-step tutorial. I removed it for now because I'm on the road so I can't deal with it, but I need internet at home.

    I have another issue though: I'm actually using Xampp on a separate computer with Apache, MySQL, ftp, etc... the whole package. It was easier for me to install it.

    I'm using MySQL for the Minecraft server too. It works fine.

    Now, I CAN access the pure webpage from the LAN, but I can't access the SMF forum. And all that because I actually cannot access my DDNS within the LAN. It simply times out after some time.

    I read many lines in the forum and apparently I'm so confused that I'll stop now and ask for advice again, before I ruin something I already fixed/set.

    So far all is fine, the internet connection is way, way, way better... I only need to fix DDNS resolving from the LAN and it will be perfect :)

    One of the best features, and the reason why I actually use pfSense, is the proxy filter with lists, because I'm attacked with spam on the forum and MC at least twice a day.

    many thanks for the help :)