Not able to ping through Wan or Lan



  • Okay update time.

    So we have had a good step forward! I was able to connect an ethernet cable to my NIC and then connect it directly to my router therefore creating a Lan to Lan connection (I think?). I was then able to ping google directly from pfsense without any packet loss. This was with setting the interface to re0 manually.

    Atleast we know that this NIC works with sending out data but how will a Lan to Lan connection help me with the add of of pfsense? Not really sure if I would be able to use it as a router or just an add of firewall or how I would go about accessing the pfsense console. I tried to go to 192.168.1.1 but of course that brings up my current router, I then changed the current router to 192.168.1.2 and then tried to access pfsense's console by going to 192.168.1.1 and nothing.

    So I am glad that I have determined that atleast one of the NIC's works and I am able to actually ping out to the inter webs but what now, what can I use pfsense for? (noob questions I know)

    See pictures below and explanations. (forgive wiring mess :))


    Here you can see that I was finally able to ping Google directly from pfsense via a Lan to Lan connection.


    I have the Wan set up on pfsense set to my NIC, would this make it a Wan to Lan connection now thinking about it? (confused on this one)


    Last but not least you can see that on the far right I have the yellow as my Wan from modem and the second from the right (white) is the ethernet going to pfsense router, all other cables are Lan (switch) to the rest of the house.



  • I have an Idea…  Maybe a little bit not what you want, but it appears that you single NIC is either a PCI or PCIe NIC.  Is this correct?

    If so, you can pull that NIC and replace it with a 2 port NIC, preferable made by intel, and you are home free.





  • Hello kejianshi,

    This is what I was thinking! I did not originally have it hooked up to the current router but wanted try to see if I could get access to anything within or outside on the internet, and it worked. I was wondering the way it is currently hooked up is there any way to configure it just as an add on firewall or is just pretty much wasting power?

    I do see that the best option is to purchase a new NIC and I will do that ASAP just wondering how the functionality of everything tends to work on the network level, learning experience here.

    Thanks again for the links any true difference between those two cards that you have linked? BTW it is a PCI slot on the motherboard, I do like how the second NIC that you have linked has the addition of the slim card backing slot.



  • No functional difference for you - I'd get the shorter PCI card
    Less likely to interfere.

    I'd also pop open the case and visually check that if the card is significantly longer than the slot it sits in it won't be hitting anything

    Other than that, no issues.  Should be plug and play.





  • Just to clarify a bit here, when I install this card I will be able to use both slots, one for Wan and one for Lan on the same card and then be able to feed to a switch?

    One other question while this thread is still going…
    I would like to use this pfsense router as my main router coming from my modem as Wan and then out as Lan (of course) but then I would like to use my existing router after the firewall. So I believe I have two options, either to attach my old/current router in a Lan Lan config (Lan from pfsense going into Lan on old/current router) and or a Lan to Wan connection (Lan from pfsense to Wan on old/current router). I do understand if I go the Lan to Wan route that I would have to change the default IP of the old/current router to be able to access the pfsense web console. My goal is to be able to use that old/current router as an AP for wifi, what are the pros and cons of doing it either way?

    Thank you in advance for everyone's help in the thread as I was able to finally conclude that the on board NIC is not supported by pfsense, will be purchasing the Intel NIC shortly!



  • Well - The smart thing to do is bridge your old mode/router to provide a public IP to pfsense WAN and don't use it for a switch/router at all.

    Maybe eventually replace your combo modem router with just a modem. (assuming you are using some combo junk that was provided)

    If there is another router with a bunch of ports on it, I'd also recommend not use it.  Replace it with a dumb switch or 2 daisy chained switches of 1 isn''t enough for you..

    orrrrrrrr….  take a look here:

    http://www.ebay.com/itm/Netgear-GS724T-ProSafe-24-Port-Gigabit-Switch-/231330715215?pt=US_Network_Switches&hash=item35dc62964f

    Better description here...

    http://www.newegg.com/Product/Product.aspx?Item=N82E16833122138

    Plenty of ports and you get to learn all about vlan if you don't already know.

    I bolted 1 like that to the wall in my kids basement and never looked back...

    But as far as the 2 port NIC card, yes - That will work well.  Both ports providing a super super reliable WAN and LAN.



  • Incase you wonder "What would I do with a VLAN switch"  AKA layer 2 managed switch,

    You will have 1 lan and 1 wan.

    Using vlans you can seperate traffic.

    Create a network for sharing everything in the house…

    Create Another that shares nothing and only has internet...

    Create another that is kid friendly, no porn zone...

    Whatever you need.  And because its VLAN, you wont need a bunch of seperate LAN ports.  The one LAN will do.

    OR, you can just use it like a big, reliable, fast 24 port dumb switch and its still worth it.

    I noticed that your router has no free ports, thats why I tossed that idea in.



  • "The smart thing to do is bridge your old mode/router to provide a public IP to pfsense WAN and don't use it for a switch/router at all.
    Maybe eventually replace your combo modem router with just a modem. (assuming you are using some combo junk that was provided)"

    I think you confused me a bit here, so just to clarify what is on my end, I do have a separate modem and a router, they are not in one unit. (I will not be using pfsense as a switch)
    So just thinking this out in my head I would assume by bridging you mean to have the Wan from the modem go to the Wan into pfsense then Lan out of pfsense will go to current router, but do I want to set that router up as a Lan connection from pfsense or plug it into the Wan connection of the router to make it a dual router network or just use it as an AP/switch if that is possible?

    Let me know if that makes any sense at all!

    As for VLan I will have to worry about that down the road since I have not looked into it yet.



  • If your modem is one unit and your router is another, lets put your old router aside for a moment….

    You would go from your cable or DSL modem into the WAN of the pfsense.  Your pfsense replaces your old router.

    Then you need a switch to plug into the LAN port of the pfsense.

    I don't know what router you are using now, but unless it can be loaded with DDWRT, I wouldn't want to use it as your switch probably.

    You see, routers tend to mess up NAT and DHCP when you attempt to use them as a switch.

    Unless you are really pretty expert and know exactly what you are doing, I'd toss that old router and replace it with a switch.

    You will be glad you did when you are sleeping nights instead of trouble shooting a flakey network.



  • Haha this makes perfect sense now, but as for a wifi connection (there is no room to put a wifi card into the pfsense router). In theory I could use that old router as an AP is that correct?



  • If you do it correctly, you would disable DHCP on the old router…

    Disable NAT on the old router...

    Then plug any 1 of the ports (other than WAN) on the old router into the switch you attach to pfsense LAN

    And put tape over the WAN port of the old router, so no one ever tries to use that port.

    And yes - you can wifi that way.  You can even use it as a switch that way.

    But so few people do it correctly, So I recommend a wireless AP and a good cheap switch instead.

    What is the model number of your router?



  • I have a WD F2F



  • It looks nice…  Maybe buy an AP and a switch and sell the router on ebay?

    You can try to disable DHCP as I said and use it directly as a switch.

    It might work.  I use serveral routers I've loaded with DDWRT in the way you want but I wouldn't venture to try DDWRT on that router of yours.

    In any case, the first step is buy that NIC (-;


  • Netgate Administrator

    Before you do that there is a potentially serious error in your config.
    Earlier you said you have reset the box and used the default values. You also said your current router is using the 192.168.1.1 address. This is a problem because pfSense also uses that address for its LAN. You changed the router address to 192.168.1.2 but that is still in the same subnet. PfSense must have different subnets on its wan and lan otherwise routing will not work.
    Change one device to use a different subnet, for example use: 192.168.100.1

    Steve



  • That is correct, but I had never tried the dual router method as this last time I had only taken a Lan from the old router to the Wan of the pfsense router. This is not how the end result will be just wanted to test the NIC and see if I could get anything to work (pinging wise).

    The end result will be the modem then the pfsense router and that router will then feed the old router via either Lan to Lan or possibly even Lan to Wan if I decide to do the last one that I will have to reset the IP subnet mask for the old router since it is set to the default 192.168.1.1.

    Please let me know if I am understanding this correctly.

    Thanks again everyone for all of the help!


  • Netgate Administrator

    Yes, that's correct. As long as your modem is a separate device you should be ok.
    Sorry I jumped in there without thoroughly reading those last posts.  ::)

    Steve



  • I'm just not sure how successful you can be in turning off DHCP on that router and making it act like a switch.  Thats what bugs me about the anticipated config.

    And I'm certain you dont want modem > pfsense WAN >  then pfsense LAN > Old Router WAN as thats double NAT  (not Good)

    If you start having issues, be aware that odds are its your old modem messing things up for you.



  • So I think I have completed my findings and come up with a plan of action to complete this network.

    Okay so to start I just wanted to make sure that the internal card was not working so I tried every interface possible connected to the internal port with no success pinging to Google. So I can finally say my issue lies on the on-board port, not a big deal as I will get that Intel PCI card and go from there.

    As for my completed network I will have the modem go to the Wan of the pfsense and then Lan out to a switch where I will have all of my computers hooked up via ethernet, also at two ends of those ethernet cables I will have to AP's one at one end of the house and another at the other. I already have one pure AP and I will try to configure my old router as an AP via a Lan to Lan connection.

    One day I will convert my private network to a VLan but for now I will work with what I got since I have no clue how to set up a VLan.

    Anyways thank you again for all of your help and if you have any further suggestions please let me know.



  • Enjoy.  Let me know when its up (-:


Log in to reply