Can't Access WAN Gateway, After Config. of Gateway Group.



  • Hello,

    I'm currently running:

    2.1.4-RELEASE (i386)
    built on Fri Jun 20 12:59:29 EDT 2014
    FreeBSD 8.3-RELEASE-p16

    • For wireless internet, I had been using a Windows Mobile phone, with an OpenWRT box, as a protocol bridge, from RNDIS to ethernet.  When the phone connected properly to the OpenWRT box, I had no problem running it through pfSense.

    • I added a USB 3G wireless device, connected as a PPP.

    • I set up a two tiered Gateway Group, with the above devices, AND firewall rules.  It didn't work, so I set the ppp device as the default gateway.




    • NOW, I've decided to stop using the 3G ppp device.

    • I tried setting the OpenWRT gateway as primary, in the Gateway Group; NO JOY!

    • I set the OpenWRT gateway as the Default Gateway.  It didn't help.

    • I physically disconnected and disabled the ppp interfaces, deleted the Gateway Group, and disabled the firewall rules for that Gateway Group.  No change!

    • I tried setting a firewall rule, to send traffic to the, already, Default Gateway.  No effect!

    • I tried disabling Packet Filtering.  Nothing!

    • I ruled out a defective ethernet cable.

    • The WAN interface, and associted gateway, report being "UP".

    • I can ping my OpenWRT gateway, from the pfSense box.

    • When I plug the ethernet patch cable into my OpenWRT box, and my desktop's LAN port, IT WORKS!"

    Of course, that means I'm NOT using pfSense!

    Does anyone know what to try, BEFORE doing the 'restore to factory defaults' thing?

    Thanks for reading!



  • For the readership who searched for an answer…


    • I'm assuming the 2 tiered failover setup failed, due to not isolating individual external DNS I.P.s with specific gateways, on System: General Setup https://pfsense/system.php.  I'm not sure why that is necessary, and why only one DNS server is available to each gateway, in such a configuration.  If a server is down, or unreachable, I'd much rather have a list.  I wonder what would happen if each individual D.N.S. I.P. was an alias I.P., pointing to a list, shared by all gateways…

    • I gained insight on that issue, by trying to help someone on here.  Doing so prompted me to re-read THIS: https://doc.pfsense.org/index.php/Multi-WAN_2.0

    • The remaining problem had been that the gateway selected, was the tethered phone, with no defined route through the OpenWRT box's gateway.

    • I changed the gateway to the OpenWRT box, and am back online via pfSense.


    I'll have to wait to try a failover setup, but the main problem is SOLVED.

    Of course you should always check the simple things.  True, none of us like to jump through a phone tree, to get a clueless Customer (dis)Service "tech", reading script prompts like, "Is your device turned on?"  However, it can be VERY helpful to have someone double check, especially someone with far more experience.

    "Thanks"… :(


Locked