Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    No WAN connection…nic issue?

    Scheduled Pinned Locked Moved Hardware
    11 Posts 5 Posters 1.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • W
      wlraider70
      last edited by

      Hello,

      I'm trying to figure my first pfsense box and I cant seem to get traffic on my WAN card (nfe0)

      ifconfig nfe0
      status: active
      
      
      ping 68.168.1.1
      100.0% packet loss
      

      I'm pinging my test router.

      Also, this interface does not show up on my router.

      Here are a bunch of pictures, im at a loss for what is blocking traffic.

      ps. I posted in hardware since I'm starting to feel like the issue is the nic itself, (cry of the noob; hardware is broken). If this is better suited elsewhere please move it.

      Capture.JPG
      Capture.JPG_thumb
      Capture2.JPG
      Capture2.JPG_thumb
      Capture3.JPG
      Capture3.JPG_thumb
      Capture4.JPG
      Capture4.JPG_thumb
      Capture5.JPG
      Capture5.JPG_thumb
      Capture6.JPG
      Capture6.JPG_thumb

      1 Reply Last reply Reply Quote 0
      • P
        phil.davis
        last edited by

        Do you really have something upstream on 68.168.1.1?
        That is a public IP address, and it would be a big coincidence that your ISP gave you and address that is so similar to the 192.168.1.1 default pfSense LAN IP  ;)
        What is your testing setup? More detail and we might be able to spot the problem, and I suggest don't use public IPs for private testing networks.

        As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
        If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

        1 Reply Last reply Reply Quote 0
        • W
          wlraider70
          last edited by

          ISP > home router (10. based) > test router (68.168.1.1) > pfsense box > laptop

          The ip is a public one, just to make sure I didn't have issues with routing, (I later saw the check boxes to ignore those problems)

          The test router is functioning properly. The goal was to make it simulate the cable modem.

          1 Reply Last reply Reply Quote 0
          • D
            doktornotor Banned
            last edited by

            @wlraider70:

            The ip is a public one, just to make sure I didn't have issues with routing, (I later saw the check boxes to ignore those problems)

            What do you mean?!  :o ??? Stop stealing public IPs, even for testing, this will NOT work properly! Instead of preventing routing issues, it actually does cause them!

            1 Reply Last reply Reply Quote 0
            • H
              Harvy66
              last edited by

              When you use an IP that is not yours, you are "spoofing", and many ISPs block IPs that they don't hand out. Packets don't magically route back to you, they route back to where the official registration of the IP is. Use private IPs, like one of the many /24 subnets you can have with the 10.x.x.x block.

              1 Reply Last reply Reply Quote 0
              • W
                wlraider70
                last edited by

                ok, I may have a major flaw in my understanding, or perhaps I needed to clarify that both routers have NAT enabled.
                I thought that my "internal" address were irrelevant. Furthermore my internet was functioning at the "test"router.

                Regardless I changed all my internal stuff to RFC 1918

                Comcast ISP > home router (10. based) > test router (192.168. based) > pfsense  (Lan 172.16 based.) > laptop

                connection fails at /////

                Comcast ISP > home router (10. based) > test router (192.168. based) /////// pfsense  (Lan 172.16 based.) > laptop

                1 Reply Last reply Reply Quote 0
                • P
                  phil.davis
                  last edited by

                  Yes, aside from all the banter about private and public IP addresses, your little test scenario should work fine because you are behind NAT. (The only problem you would have in real life is reaching any web services at the real 68.168.1.* public addresses)

                  From your previous screenshots it all looks good on pfSense.

                  Check that testrouter is passing packets, if it has a packet capture, then look for the incoming pings from pfSense.

                  Check the lights on the pfSense WAN and testrouter LAN NICs? Is the cable good? Are the NICs old, and thus you need a crossover cable to make a direct connection? Put a switch in the middle and have 2 cables - avoids the crossover cable question.

                  As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
                  If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

                  1 Reply Last reply Reply Quote 0
                  • W
                    wlraider70
                    last edited by

                    I booted the pfsense box with an Ubuntu live disk and all the connections work.
                    It shows on the test router DHCP list and responds to pings.

                    edit– I swapped the interface roles. Now the issues looks like

                    Comcast ISP > home router (10. based) > test router (192.168. based) > pfsense  (Lan 172.16 based.) ///// laptop
                    issue at ///

                    the problem is revolving around the specific interface.

                    1 Reply Last reply Reply Quote 0
                    • stephenw10S
                      stephenw10 Netgate Administrator
                      last edited by

                      You see anything in the logs?

                      Can you set the pfSense WAN to DHCP instead of using static IPs, does it receive an IP from the upstream router?

                      Steve

                      1 Reply Last reply Reply Quote 0
                      • W
                        wlraider70
                        last edited by

                        So now that the nic in question is the lan. I opened the log /var/log/dhcd.log

                        edit : the dhcp IS being received by my laptop.

                        I also tried custom loading the kernel module if_nfe.ko
                        It appears to have loaded, but no change in the NIC.

                        more info:

                        I can ping from pfsense to my laptop, but not back.

                        1 Reply Last reply Reply Quote 0
                        • stephenw10S
                          stephenw10 Netgate Administrator
                          last edited by

                          Nothing in the firewall log?

                          Something that jumps out at me is that your nfe0 NIC has flow-control enabled. If the connecting NIC is not supporting that it could explain it. Though you might expect no traffic at all. Try running this to see what modes it supports:

                          ifconfig -m nfe0
                          

                          Also you could try disabling all the hardware offloading options in System: Advanced: Networking:

                          Steve

                          1 Reply Last reply Reply Quote 0
                          • First post
                            Last post
                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.