Can not get to the internet from machine behind pfsense, please help



  • Greetings,

    I'm trying to configure a virtual network with virtualbox and pfsense.

    Here is the issue,

    I have everything set up and can ping from the pfsense console without a problem, but I can not ping or go to any site from a client machine. I noticed if I ping from the client machine, the prompt comes back with an iip address, but then it times out. Like this:

    C:\Users\sgb77>ping yahoo.com

    Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
    Request timed out.
    Request timed out.
    Request timed out.
    Request timed out.

    Ping statistics for 206.190.36.45:
        Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

    Again when I ping from pfsense shell, there is no problem, and I can get to the web interface without a problem from the client machine.

    Here is my configuration:

    pfsense machine:
    Since I'm runing this machine as a virtual machine my WAN configuration is as follows:
    domain: mydomain.com
    ip 192.168.1.50 /24
    gateway: 192.168.1.1 //this is my phisical router
    DNS: dns servers in the net

    Block private networks: unchecked

    LAN
    ip 192.168.2.1/24
    gateway: 192.168.2.1

    CLIENT machine:
    ip:192.168.2.5
    subnet: 255.255.255.0
    gateway: 192.168.2.1
    dns: 192.168.2.1

    I have read the post below and have made sure to do most of what's there, but still no luck. I do see error logs in the firewall, but they don't make sense to me.
    I'm attaching the log

    https://forum.pfsense.org/index.php?topic=45956.0

    Any help will be greatly apreciated.
    pfsenselogs.txt



  • What are your outbound firewire rules looking like? Also the rules for LAN.

    What does your firewall log say?



  • I'm attaching my Lan firewall rules, they were there by default, and there are no rules in the Wan tab.

    My previous post, has an attachment with my firewall logs, I can also do a screen shot if the log is not readble.

    Thanks!



  • Rebel Alliance

    LAN
    ip 192.168.2.1/24
    gateway: 192.168.2.1

    You don't need a GW on a LAN type interface…. remove it and your problem will be gone ;)



  • That did it.  :)
    You guys are awesome, it had to be one of those things that I would've never thought would affect anything, obviously I still have a lot to learn!

    Thanks gentlemen, your help is much appreciated, I'm sure I'll be back here soon…  ;D