Trouble obtaining DHCP lease from ISP
I'm having trouble obtaining a DHCP lease from my ISP on the WAN interface of my new pfSense build and I hope someone here will be able to help me.
Basically, when I connect the cable modem directly to my pfsense box it refuses to obtain an IP from my ISP. If, however, I connect the modem to my old router (a D-Link DIR655) and then connect the pfsense box to that, it obtains an IP from the D-Link without issue.
Here is what I believe to be the relevant part of the system logs, upon booting up pfsense, with the modem plugged directly into the pfsense box:
Aug 31 22:22:00 check_reload_status: Linkup starting igb0
Aug 31 22:22:00 kernel: igb0: link state changed to UP
Aug 31 22:23:18 php: rc.bootup: Resyncing OpenVPN instances.
Aug 31 22:23:18 php: rc.bootup: The command '/sbin/route change -host 188.8.131.52 192.168.203.1' returned exit code '1', the output was 'route: writing to routing socket: No such process route: writing to routing socket: Network is unreachable change host 184.108.40.206: gateway 192.168.203.1: Network is unreachable'
Aug 31 22:23:18 php: rc.bootup: The command '/sbin/route change -host 220.127.116.11 192.168.203.1' returned exit code '1', the output was 'route: writing to routing socket: No such process route: writing to routing socket: Network is unreachable change host 18.104.22.168: gateway 192.168.203.1: Network is unreachable'
Aug 31 22:23:18 kernel: pflog0: promiscuous mode enabled
Aug 31 22:23:21 php: rc.bootup: ROUTING: setting default route to 192.168.203.1
Aug 31 22:23:21 php: rc.bootup: The command '/sbin/route change -inet default '192.168.203.1'' returned exit code '1', the output was 'route: writing to routing socket: No such process route: writing to routing socket: Network is unreachable change net default: gateway 192.168.203.1: Network is unreachable'
Aug 31 22:23:21 check_reload_status: Updating all dyndns
Aug 31 22:23:21 check_reload_status: Linkup starting igb1
Aug 31 22:23:21 kernel: igb1: link state changed to UP
Aug 31 22:23:25 php: rc.bootup: Creating rrd update script
Aug 31 22:23:25 syslogd: exiting on signal 15
Aug 31 22:23:25 syslogd: kernel boot file is /boot/kernel/kernel
Aug 31 22:23:25 php: rc.start_packages: Restarting/Starting all packages.
The 192.168.203.1 address is the gateway of my old D-Link router, which was NOT connected at the time. I don't know how or why it is trying to use this gateway…
To get some of the most obvious things out of the way:
- I cycle the power on all devices
- the WAN interface is set up for DHCP, with the interface speed settings set to Default(auto)
- Comcast is my service provider
- the cable modem is a ARRIS TM402P and the interface speed on the modem is 100baseT(full)
- the NICs on the pfsense box are the Intel i354
- Too tired at this point to remember a few other things, sorry
One important note:
If I force the WAN interface speed to 100baseTX(full), I am able to get pfsense to obtain a DHCP lease and I get a working internet connection. However, this comes at a cost as the interface on the modem only works at half duplex (don't know why), which causes my internet speed to drop to only a fraction of it's actual speed.
Thank you in advance for your help.
One suggestion: Obtain the MAC-address of the WAN interface of your old router and assign the WAN interface of the pfSense this MAC.
Just give it a try…
Thanks for your reply.
Unfortunately, I've already tried and it was a no go. Any other suggestions?
And why would the WAN interface be trying to use an old gateway that it is not connected to?
Looks like your wan is connecting to a private address. You are not blocking private addresses on the WAN are you
To give you some background:
When I initially configured my pfsense box, I connected the cable modem to it, cycled the power on the modem, etc etc… I could not get it to work. I tried unblocking private networks, no go. After a bit of testing/configuring/rebooting, I decided to verify whether or not I was dealing with a faulty NIC.
That's when I tried this setup:
modem -----> old D-Link router -------> pfSense.
With this setup pfsense obtained a DHCP lease from the D-Link router without any issue. However, after that experiment, pfsense's WAN interface keeps trying to use that gateway you see in the logs even when it is NOT connected to it. Rebooting the pfsense box has no effect.
To answer your question: No, I am not blocking private networks. What I don't understand is WHY is it still trying to connect to the D-Link's gateway (the 192.168.203.1) when it is NOT connected to it? Looks like it has that gateway stored somewhere... if so, where would I be able to clear it?
Figured it out… it was something so basic as flushing dns on the pfsense box. :-[