No IP address displayed
-
Ok, well we have some new information at least!
That duplicated IPv6 address is probably because both the pfSense WAN and the Host, PC1, are requesting addresses using the same MAC address. They share the same physical MAC. I'm unsure why that didn't happen before. There is probably a work around by spoofing the MAC but if you don't need IPv6 you can just go to Interfaces: WAN: and set the IPv6 configuration type to 'none'. I assume you had set that to DHCP. Obviously leave the IPv4 type as DHCP.So you had no problem connecting to the LAN from the Ubuntu VM? Did it receive an IP from the pfSense DHCP server? You can check it in Status: DHCP leases:
Steve
-
On Host before firing up pfSense
$ sudo ifconfig```
eth0 Link encap:Ethernet HWaddr 00:26:18:44:b6:1a
inet addr:192.168.0.10 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::226:18ff:fe44:b61a/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:231980 errors:0 dropped:0 overruns:0 frame:0
TX packets:144575 errors:0 dropped:0 overruns:0 carrier:1
collisions:0 txqueuelen:1000
RX bytes:322513726 (307.5 MiB) TX bytes:13891455 (13.2 MiB)
Interrupt:18eth1 Link encap:Ethernet HWaddr 90:f6:52:03:57:86
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Interrupt:43 Base address:0x4000lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:480 (480.0 B) TX bytes:480 (480.0 B)> That duplicated IPv6 address is probably because both the pfSense WAN and the Host, PC1, are requesting addresses using the same MAC address. They share the same physical MAC. I'm unsure why that didn't happen before. There is probably a work around by spoofing the MAC but if you don't need IPv6 you can just go to Interfaces: WAN: and set the IPv6 configuration type to 'none'. I assume you had set that to DHCP. Obviously leave the IPv4 type as DHCP. Before changing pppoe back to DHCP I have put the MAC Address of eth0 "00:26:18:44:b6:1a" there (IIRC). During changing pppoe to DHCP I deleted that MAC Address. Now I couldn't start pfSense anymore it was held on;``` ..... Do you want tp set VLANs [y|n] em1: DAD detected duplicate IPv6 address fe80:2::226:10ff:fe44:b61a: NS in/out=0/1 NA in=1 em1: DAD complete for fe80:2::226:10ff:fe44:b61a - duplicate found em1: manual intervention required em1: possible hardware address duplication detected,l disable IPv6
satimis
-
So you tried disabling DHCPv6?
At that screen you should still be able to answer 'N' to the VLANs question and continue the pfSense setup. The duplicate IP warning is just informational. It shouldn't stop you continuing.
Steve
-
So you tried disabling DHCPv6?
At that screen you should still be able to answer 'N' to the VLANs question and continue the pfSense setup. The duplicate IP warning is just informational. It shouldn't stop you continuing.
I was stuck there. Actually I was not allowed to keyin any imput. All were done automatically eversince starting pfSense.
This version of pfSense was imported on pfSense-2.0.3-RELEASE-amd64.ova download on Internet. Would this .ova have problem?
I also have pfSense-LiveCD-2.1-RELEASE-amd64.iso.gz download. I can create another VM installing this version.
satimis
-
Hi Steve
Created another pfSense VM (name=pfSense2.1) on pfSense-LiveCD-2.1-RELEASE-amd64.iso.gz download on pfSense site.
pfSense2.1 ======== Adapter 1 Bridge eth0 Adapter 2 Internal Network intnet
VM Ubuntu 12.04 ============== Adapter 1 Internal Network intnet
This time it works
–-------------------
Fire up pfSense2.1WAN (wan) -> em0 -> v4/DHCP4: 192.168.0.15/24 LAN (lan) -> em1 -> v4: 192.168.1.1/24
WAN gets DHCP on physical Router
Start VM
$ sudo ifconfig```
eth1 Link encap:Ethernet HWaddr 08:00:27:5a:3d:a4
inet addr:192.168.1.101 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe5a:3da4/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:12104 errors:0 dropped:0 overruns:0 frame:0
TX packets:10357 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:13944700 (13.9 MB) TX bytes:1169137 (1.1 MB)lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:1627 errors:0 dropped:0 overruns:0 frame:0
TX packets:1627 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:226777 (226.7 KB) TX bytes:226777 (226.7 KB)VM obtains IP on pfSense2.1 I can login pfSense2.1 on VM satimis
-
Ok, excellent. Remember those settings! :)
So now there are two further problems to be tackled one at a time.
1. Change the WAN connection to PPPoE directly from pfSense.
2. Add a host adapter so the host also uses pfSense as it's internet gateway.Personally I would try to do 1 first but it's up to you. Don't try to do both at the same time though it will only introduce further confusion.
Steve
-
So now there are two further problems to be tackled one at a time.
1. Change the WAN connection to PPPoE directly from pfSense.
2. Add a host adapter so the host also uses pfSense as it's internet gateway.Personally I would try to do 1 first but it's up to you. Don't try to do both at the same time though it will only introduce further confusion.
Ok I'll do step-1 first without changing Adapter 1 and 2 of pfSense. I'll do direct editing on gui pfSense to change DHCP to PPPoE
- How about the devices connection? Still behind the router?
OR
ISP -> Modem -> PC ?- Shall I add the MAC Address of eth0 ?
If unsuccessful I'll add Step-2 which, I suppose, is an addition to Step-1?
I'm not very clear of;
2. Add a host adapter so the host also uses pfSense as it's internet gateway.
Whether add another Adapter to pfSense
Adapter 3
Host-Only Adapter
Name: vboxnet0And edit /etc/network/interfaces of Host as;```
The loopback network interface
auto lo
iface lo inet loopbackauto eth0
iface eth0 inet static
Address 192.168.1.2
Netmask 255.255.255.0
Gateway 192.168.1.1auto vboxnet0
iface vboxnet0 inet dhcpPlease advise. Thanks satimis
-
Ok so to do part one, yes, change the pfSense WAN interrface to PPPoE and connect the modem directly the bridged host NIC.
Enter the correct PPP username/password in pfSense. Reboot the modem.
If it doesn't connect check the system and PPP logs in pfSense to see how far it got for clues.For part 2 that's exactly what I would do though when I read through the documentation I wasn't able to fully understand how the 'host only' adapter functions.
In pfSense go to Interfaces: (assign) and click the '+' icon and bottom to add a new interface. It will be OPT1 but you can rename it, say, HOST, if you like. Enable the interface and give it an IP address and subnet, something you're not using anywhere else. Go to Firewall: Rules: OPT1: and add a rule to allow out traffic, use the default allow rule from LAN as a template. Go to Services: DHCP Server: and add a DHCP sever to OPT1. Since you will only ever have one machine in that subnet you could use static IPs instead.Steve
-
Ok so to do part one, yes, change the pfSense WAN interrface to PPPoE and connect the modem directly the bridged host NIC.
Enter the correct PPP username/password in pfSense. Reboot the modem.login gui pfSense
-> WAN
IPv4 Configuration Type PPPoE
IPv6 Configuration Type DHCP6
DHCPv6 Prefix Delegation size 64
Username xxxxx
Password xxxxx(check) Block private networks
(check) Block bogon networks-> Save
-> Apply ChangesAfter a while
Start VM Ubuntu 12.04
$ sudo ifconfig```[sudo] password for satimis:
eth1 Link encap:Ethernet HWaddr 08:00:27:5a:3d:a4
inet addr:192.168.1.100 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe5a:3da4/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1656 errors:0 dropped:0 overruns:0 frame:0
TX packets:1088 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1311226 (1.3 MB) TX bytes:146582 (146.5 KB)lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:504 errors:0 dropped:0 overruns:0 frame:0
TX packets:504 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:38378 (38.3 KB) TX bytes:38378 (38.3 KB)$ ping yahoo.com``` PING yahoo.com (98.139.183.24) 56(84) bytes of data. 64 bytes from ir2.fp.vip.bf1.yahoo.com (98.139.183.24): icmp_req=1 ttl=46 time=254 ms 64 bytes from ir2.fp.vip.bf1.yahoo.com (98.139.183.24): icmp_req=2 ttl=46 time=278 ms 64 bytes from ir2.fp.vip.bf1.yahoo.com (98.139.183.24): icmp_req=3 ttl=46 time=235 ms
It works !
I get it connected to ISP !
Reboot pfSense```
WAN (wan) -> pppoe0 -> v4/PPPoE: 2xx.2xx.2xx.1xx/32
LAN (lan) -> em1 -> v4: 192.168.1.1/24It shows the static IP which I subscribe. > If it doesn't connect check the system and PPP logs in pfSense to see how far it got for clues. Whether on pfSense terminal -> 12) pfSense Developer Shell and look for PPP logs there ? > For part 2 that's exactly what I would do though when I read through the documentation I wasn't able to fully understand how the 'host only' adapter functions. > In pfSense go to Interfaces: (assign) and click the '+' icon and bottom to add a new interface. It will be OPT1 but you can rename it, say, HOST, if you like. Enable the interface and give it an IP address and subnet, something you're not using anywhere else. Go to Firewall: Rules: OPT1: and add a rule to allow out traffic, use the default allow rule from LAN as a template. Go to Services: DHCP Server: and add a DHCP sever to OPT1\. Since you will only ever have one machine in that subnet you could use static IPs instead. Interface -> assign click '+' to add a new interface OPT1 -> Save Interfaces -> OPT1 -> (check) Enable Interfaces IPv4 Configuration Type Static IPv4 IPv6 Configuration Type None IPv4 address 192.168.1.8 Gateway None (check) Block private networks (check) Block bogon networks -> Save -> Apply changes -> Firewall -> Rules -> OPT1 -> add new rule Action Pass Interface OPT1 TCP/IP Version IPv4 Protocol TCP - > Save Service -> DHCP server (check) Enable DHCP server on OPT1 interface I was stuck here. What range shall I fill in here avoiding the warning: ???``` The following input errors were detected: The specified range lies outside of the current subnet.
Thanks
satimis
-
You have used a /32 subnet mask on OPT1, so there are no other addresses available other than the pfSense OPT1 address. I think (without having read too much of this thread) that yourOPT! is supposed to be a different subnet to LAN, and will connect the host OS through to pfSense.
You need to put a different subnet than on the internal VM-based LAN - e.g. make it the pfSense OPT1 192.168.2.1/24 - then you can make a big (or small) dhcp range, like 192.168.2.10 to 192.168.2.99 -
-> WAN
IPv4 Configuration Type PPPoE
IPv6 Configuration Type DHCP6
DHCPv6 Prefix Delegation size 64
Username xxxxx
Password xxxxxUnless you need to have IPv6 enabled here, and your ISP is supplying it via DHCPv6, I would set WAN IPv6 to 'none'.
$ ping yahoo.com```
PING yahoo.com (98.139.183.24) 56(84) bytes of data.
64 bytes from ir2.fp.vip.bf1.yahoo.com (98.139.183.24): icmp_req=1 ttl=46 time=254 ms
64 bytes from ir2.fp.vip.bf1.yahoo.com (98.139.183.24): icmp_req=2 ttl=46 time=278 ms
64 bytes from ir2.fp.vip.bf1.yahoo.com (98.139.183.24): icmp_req=3 ttl=46 time=235 msIt works ! I get it connected to ISP !
Nice! :)
-> 12) pfSense Developer Shell
and look for PPP logs there ?Nope the PPP logs can be found via the webgui. Status: System Logs: PPP tab.
However I wouldn't worry about that because you have managed to connect successfully, the logs will just detail the connection succeeding.Interfaces -> OPT1 -> (check) Enable Interfaces
IPv4 Configuration Type Static IPv4
IPv6 Configuration Type NoneIPv4 address 192.168.1.8
Gateway None
(check) Block private networks
(check) Block bogon networksLike Phil has pointed out you are already using the 192.168.1.X subnet for LAN. You need to use something like 192.168.2.X.
The Block bogon and private network boxes should be unchecked.-> Firewall -> Rules -> OPT1
-> add new rule
Action Pass
Interface OPT1
TCP/IP Version IPv4
Protocol TCPWhat did you put for the source and destination? Can we get a screenshot of this rule please.
Steve
-
Hi Steve,
I don't know what has happened here. I'm now posting from another PC (PC2)
After lunch I turned on PC1 but couldn't get VM connected Internet again. I have spent 2 hrs and couldn't figure out the problem.
I have 2 pfSense installed on PC1, but not running at the same time. Both of them worked before Lunch. I have not changed any config nor cabling.
pfSense2.1
pfSense2.11 (adding OPT1)Now after starting
pfSense2.1
WAN -> em0 -> pppoe
LAN -> em1 -> 192.168.1.1/24pfSense2.11
WAN -> em0 -> v4: xxx.xxx.xxx.xxxx/30 (static IP)
LAN -> em1 -> v4: 192.168.1.1/24
OPT1 -> em0 -> v4: xxx.xxx.xxx.xxxx/30 (static IP)VM can login gui pfSense but unable to connect Internet.
It is very strange to me.
satimis
-
Did you reboot the modem? It will usually only allow connection from one MAC address. Depending on how that is configured it may see it as the physical NIC MAC or some MAC auto generated by VBox. You usually have to reboot the modem to get it to talk to a new device. Possibly the auto generated MAC changed when you rebooted PC1.
Steve
-
I couldn't figure out what has happened here. The only way for me to reboot the modem is to switch off and on its power supply. I have done that multiple times.
I also suspect the problem coming from the vNIC? So I did following test on PC1:
- Config Host /etc/network/interfaces to connect pppoe
- Cable connection: ISP -> Modem -> PC1
- Reboot PC
- "pon dsl-provider", PC1 connects ISP. Host can browse Internet without problem
- Set VM
Adapter 1
NAT - Start VM. It connects Internet without browsing problem.
Reconfig Host /etc/network/interfaces not to establish connection at boot. Switch off/on modem and rebooted PC.
Created another pfSense, naming it pfSense2.12 and config pppoe. It re-starts without problem showing connecting ISP on terminal:
WAN (wan) -> pppoe0 -> v4 xxx.xxx.xxx.xxx (Static IP Address)
LAN (lan) -> em1 -> v4: 192.168.1.1/24Start VM
Adapter 1
Internal Network
intnetIt can't browse Internet
On pfSense Dashboard
It shows Static IP but not inside the box. ISP nameservers are displayed.
(Please see image attached)If connection can't be established the Static IP will not be displayed on Dashboard
(please see image attached)
-
Hmm, have you always been using a static IP with the PPPoe connection? That's unusual.
If the PPPoE connection is not established then I would not expect to see anything in the box. The software cannot query the IP address of a connection that doesn't exist.Steve
-
Hmm, have you always been using a static IP with the PPPoe connection? - snip -
In daily operation the connection is behind a router;
ISP -> Modem -> Router -> PC
assign Static IP automatically.
Direct connection;
ISP -> Modem -> PCon Static IP is for testing only to check whether the vNIC is working properly.
What I can't understand is on pfSense terminal it shows connecting ISP. But VM can't connect Internet.
satimis
-
So can the pfSense VM connect to the internet when that is shown?
Diagnostics: Ping:Steve
-
So can the pfSense VM connect to the internet when that is shown?
Diagnostics: Ping:Yes, I can ping yahoo.com there and other IP adresses as well.
IT IS VERY FUNNY TO ME !!!
I found out the cause of problem. It is the static LAN IP Address assigned to VM by me.
There are 2 Ubuntu12.04 VMs, say VM1 and VM2, for this test. After starting pfSense, it assigned 192.168.1.102 and 192.168.1.103 to VM1 and VM2 respectively.
Then I edited
VM1 (/etc/network/interfaces)```auto lo
iface lo inet loopbackauto eth0
iface eth0 inet static
address 192.168.1.102
netmask 255.255.255.0
gateway 192.168.1.1VM2 (/etc/network/interfaces)``` auto lo iface lo inet loopback auto eth0 iface eth0 inet static address 192.168.1.103 netmask 255.255.255.0 gateway 192.168.1.1
Rebooted both VMs making sure they work. "sudo ifconfig" showed the correct LAN IP address.
After lunch I started pfSense and was not aware a new range of LAN IP created.
After deleling```
auto eth0
iface eth0 inet static
address 192.168.1.102/192.168.1.103
netmask 255.255.255.0
gateway 192.168.1.1on their /etc/network/interfaces, rebooted both VMs. Now they can browse Internet. VM1 - ifconfig``` eth1 Link encap:Ethernet HWaddr 08:00:27:5a:3d:a4 inet addr:192.168.1.10 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::a00:27ff:fe5a:3da4/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:216 errors:0 dropped:0 overruns:0 frame:0 TX packets:176 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:52802 (52.8 KB) TX bytes:20666 (20.6 KB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:82 errors:0 dropped:0 overruns:0 frame:0 TX packets:82 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:7778 (7.7 KB) TX bytes:7778 (7.7 KB)
VM2 - ifconfig```
eth0 Link encap:Ethernet HWaddr 08:00:27:10:8c:3d
inet addr:192.168.1.11 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe10:8c3d/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1189 errors:0 dropped:0 overruns:0 frame:0
TX packets:1215 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1161881 (1.1 MB) TX bytes:248401 (248.4 KB)lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:196 errors:0 dropped:0 overruns:0 frame:0
TX packets:196 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:31707 (31.7 KB) TX bytes:31707 (31.7 KB)Why VM1 uses eth1 and VM2 eth0? Not both eth0? Please advise how to fix the range of LAN IP assigned? How to fix only assigning eth0? Before proceed OPT1 Thanks satimis
-
192.168.1.10 and .11 are what I would expect the pfSense DHCP server to hand out. The .102 and .103 addresses are much higher in range, did you enter those manually?
I don't know why VM1 is using eth1 but it implies it must have two virtual NICs assigned to it in VBox. Presumably one of those adapters is set as some other type. It should have only one adapter that is set as Internal Network.
Steve
-
192.168.1.10 and .11 are what I would expect the pfSense DHCP server to hand out. The .102 and .103 addresses are much higher in range, did you enter those manually?
I couldn't recall exactly on configuring pfSense. I have been asked to input subnet range. But none of the range input was accepted. Then I continued.
I'll reconfigure a pfSense later please advise how to fill in the subnet range? Thanks
I don't know why VM1 is using eth1 but it implies it must have two virtual NICs assigned to it in VBox. Presumably one of those adapters is set as some other type. It should have only one adapter that is set as Internal Network.
Just I start the 3rd VM(LinuxMint16)
$ sudo ifconfig```eth0 Link encap:Ethernet HWaddr 08:00:27:0a:75:b9
inet addr:192.168.1.12 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe0a:75b9/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:20 errors:0 dropped:0 overruns:0 frame:0
TX packets:106 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2559 (2.5 KB) TX bytes:17153 (17.1 KB)lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:24 errors:0 dropped:0 overruns:0 frame:0
TX packets:24 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1983 (1.9 KB) TX bytes:1983 (1.9 KB)Started 4th VM(Ubuntu12.04) $ sudo ifconfig``` eth2 Link encap:Ethernet HWaddr 08:00:27:6c:ae:ac inet addr:192.168.1.13 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::a00:27ff:fe6c:aeac/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:71 errors:0 dropped:0 overruns:0 frame:0 TX packets:136 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:29464 (29.4 KB) TX bytes:17288 (17.2 KB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:22 errors:0 dropped:0 overruns:0 frame:0 TX packets:22 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:1905 (1.9 KB) TX bytes:1905 (1.9 KB)
I'm most concerned how to set Static IP if the ethX port continues changing?
satimis