WAN default gateway down, Internet access works



  • I have a WAN interface with PPPoE configured. The interface is up, has a public IP address. I can access the Internet. So far so good.

    A traceroute to 8.8.8.8:

    
    FlosMacBook:~ fu$ traceroute 8.8.8.8
    traceroute to 8.8.8.8 (8.8.8.8), 64 hops max, 52 byte packets
     1  192.168.2.1 (192.168.2.1)  2.273 ms  1.831 ms  1.549 ms
     2  217.0.119.7 (217.0.119.7)  20.584 ms  19.933 ms  22.188 ms
     3  [...]
    
    

    This shows the default gateway as first hop.

    However pfSense shows the default gateway (WAN_PPPOE) as offline with 100% loss. The gateway has the public IP address (217.0.119.7) which has been assigned by the ISP as default gateway (according to PPP log).

    If I ping the gateway address form behind pfSense I get:

    
    FlosMacBook:~ fu$ ping 217.0.119.7
    PING 217.0.119.7 (217.0.119.7): 56 data bytes
    60 bytes from 217.0.119.7: Communication prohibited by filter
    Vr HL TOS  Len   ID Flg  off TTL Pro  cks      Src      Dst
     4  5  00 5400 d0c2   0 0000  3e  01 98c9 192.168.2.109  217.0.119.7 
    
    Request timeout for icmp_seq 0
    
    

    Ping from the pfSense box:

    
    PING 217.0.119.7 (217.0.119.7) from 217.*.*.*: 56 data bytes
    60 bytes from 217.0.119.7: Communication prohibited by filter
    Vr HL TOS  Len   ID Flg  off TTL Pro  cks      Src      Dst
     4  5  00 5400 ab38   0 0000  3f  01 2102 217.*.*.*  217.0.119.7 
    
    

    It appears that my ISP blocks the ping to the default gateway. Is that interpretation correct?

    Is there any problem with this?

    Is there anything I should about this?

    If I read that right I could just switch off the monitoring of the gateway.

    -flo-



  • Yes, the ISP is not allowing ping to its gateway. If you have only 1 WAN and do not care about recording ping time/packet loss stats for it and don't care about seeing that in real-time on the dashboard either, then simply disable gateway monitoring.
    Or specify and alternate monitor IP, like 8.8.8.8 (Google) and you will then get stats and some idea of how your connection is going.



  • Thank you for the clarification! I chose to do this:

    @phil.davis:

    Or specify and alternate monitor IP, like 8.8.8.8 (Google)

    That works fine.

    -flo-