Pfsense is not connecting to internet
-
Hello,
So I just installed pfsense 2.1.5-RELEASE (amd64) which supports 2 LAN and 1 WAN interface and I am currently facing an issue.
I've the proxy settings up and running and I see the "You are on the latest version" message on the dashboard but when I am trying to install / download packages and click on "Available Packages", I get the following error - "Unable to communicate with http://packages.pfsense.org. Please verify the DNS and Interface configuration, and that pfSense has functional internet connectivity.
Also I am unable to ping any site such as google.com while I have the DNS routed to 8.8.8.8 and 8.8.4.4.
I have tried downloading a local copy of the packages and copying them over to the pfsense box but I am also unable to do that as the scp client doesn't let me login to the pfsense box for more than 15 seconds.
Any help will be highly appreciated
Thank You
-
Sounds like you have configured things wrong.
Are you on a public IP with this or behind another router?
-
Did you get this fixed? I have same problem, I've been running 2.1.3 for about 6 months. I recently upgraded to 2.1.5 and now my box can't get out. Everything in my lan 'works' my big problem is I had pfsense setup as DNS and now it can't get it out. I changed my machines to point straight to DNS and everything works just fine. I tried reverting back to 2.1.3, didn't fix the problem. I'm going to try doing a fresh install of 2.1.5 see if that works, else I'll just do a fresh install of 2.1.5.
-
hi :) can you post your config for your interfaces? I issued the same problem with two WAN connections… maybe there is something wrong with the internal routing. I solved this by setting up my firewall rules with the correct gateways. In an "older" installation of pfsense with two LANs i had to put up correct routing (as other solution).
-
Hi,
Thank you all for your feedbacks. Unfortunately, I have not yet found a solution for this :(
@kejianshi,
I believe I have configured an internal IP and hence it may not be public@Frankenberry,
Please let me know if you could resolve the issue. If downgrading to 2.1.3 works, I might as well do that.@TBix,
Attached is the screenshot for my interfaces. Is the older version of pfsense the only option?Regards
Ehsan
-
Yeah - Thats a private address.
Check interfaces > WAN and make sure "block private IP" is NOT checked.
Save the changes. maybe reboot and then try again.
-
Hey keijanshi,
Thanks for the update!
I tried this and it still didn't work. I unchecked the "Block private networks" option but I end up getting the same error. Also I have noticed something else, when I click on "Available packages", my browser footer shows up the message "Waiting for 10.1.2.1", which is the IP of the LAN. Shouldn't it try to connect to the WAN IP?
Thanks
Regards
Ehsan -
No. It'll be waiting for a response from whatever address you're connected to for the webConfig. 10.1.2.1 looks right.
I've the proxy settings up and running and I see the "You are on the latest version" message on the dashboard but when I am trying to install / download packages and click on "Available Packages", I get the following error - "Unable to communicate with http://packages.pfsense.org. Please verify the DNS and Interface configuration, and that pfSense has functional internet connectivity.
What proxy settings?
-
Okay that makes sense.
With proxy settings, I meant the Proxy support in System > Advanced > Miscellaneous. I have the same proxy url and the proxy port that I am using in my laptop to connect to the internet.
Regards
Ehsan -
Is your gateway on your WAN being assigned by DHCP or by you via static IP settings?
Because I'm wondering if that gateway should end with a .1 instead of what you have configured.
like 10.114.113.1
-
I got my issue resolved. I have dual wan ports. I didn't realize that one is 'wan' and the other is 'optional'. The 'wan' connection was down but my other connection is functional. So all my computers still would route out my 2nd connection but apparently the pfsense box itself will only use the 'wan'. I just swapped the working one with the non-working one and everything is good now. Hopefully you can get your issue fixed.
-
Hey Keijanshi,
The gateway on my WAN interface was assigned by me via static IP settings. I will give 10.114.113.1 a try and get back to you with this.
On my end, I have 2 LAN interface configured and one WAN. So for the LANs, I have one as LAN1 and the other as "optional". But since I have just one WAN interface, I am not too sure whether the same issue is applicable to me. Could you please elaborate so that I can dig further maybe?
Thanks
-
Hey everyone,
So I just ran a bunch of tests and wanted to share the results with you.
01. Gateway configured to 10.113.114.1
When I set the gateway to this IPv4 address, I am unable to see "You are on the latest version" on the pfsense dashboard with the correct proxy settings. Also I don't get any internet activity on the 2 LAN interfaces that I have configured with pfsense. I am unable to browse anything in those machines as I get a proxy server error. When I changed back to 10.113.114.129 for the Gateway for the WAN interface, I am able to see the message "You are on the latest version" on pfsense dashboard along with the fact that I am able to browse the internet in the two LAN interfaces that are connected to the pfsense box, but not the pfsense box itself.
02. Pinging the two LAN interfaces
When I ping the two LAN interfaces from the pfsense box, I get packets received results which means I am able to ping them both accordingly. Also when I ping the WAN of the pfsense box from any of the LAN interfaces, I am able to see ping results as well.
03. The two LAN interfaces connect to the internet from the browser but doesn't ping any outside DNS.
So with the correct config of the WAN in the pfsense box, I am able to browse the internet in the machines that are connected to the LAN interfaces of the pfsense box using the browser but when I am trying to ping any DNS server (eg., www.google.ca), I am not seeing any results.
As a TLDR - I am able to browse the internet from the 2 LAN interfaces connected to the pfsense box but not through the WAN interface. Also it seems that if I have the incorrect configuration of the pfsense WAN interface, I do not access internet in any of the LAN interfaces.
Hopefully, this gives a clear picture
-
Not really. How about you make a diagram: www.gliffy.com
-
Attached is the diagram.
So my WAN interface is connecting to the ISP switch. The two LAN interfaces have access to internet when I have the correct WAN gateway and proxy configured. But for some reason, I am unable to access the internet from the pfsense box, although I get the message "You are currently running the updated version." Also the two LAN interfaces can only access the internet through the WAN interface as specified in my tests earlier.
Thanks
-
Still no idea. What is the device in the middle of your diagram?
-
@Ehsan92:
On my end, I have 2 LAN interface configured and one WAN. So for the LANs, I have one as LAN1 and the other as "optional". But since I have just one WAN interface, I am not too sure whether the same issue is applicable to me. Could you please elaborate so that I can dig further maybe?
Thanks
I have 2 internet connections. When I did the assign interfaces it asks to pick which interface is 'wan' and I picked re2 which is connected to one of my internet connections. Then it asked which interface is 'lan' I picked re0 which is connected to my switch. Then it asks to setup additional interfaces 'optional' and I picked re1 which has my other internet connection. My DHCP assigns the pfsense box as the gateway and dns. When I started having problems, it looked as if it were a DNS issue. I couldn't resolve any hosts but I could connect directly to ip that includes ping and browsing and everything else. I then changed the DNS from pointing to the pfsense box straight to DNS server. Then everything worked as normal. When I logged into the pfsense box I noticed it couldn't get out to the internet. It couldn't ping out but I could ping locally. Then I disabled the 'wan' interface and when I tried to ping from the pfsense box i got no route error. But everything in my lan could. I then re-enabled wan interface and swapped my internet connections. Everything then works as normal. Let me know if you need any further explanation.
-
This has turned into such a saga that I wonder if starting from scratch wouldn't be a good idea?
-
Yeah. And back off on the Multi-WAN - just forget it exists, unplug it, whatever, and get one WAN working first.
I would put LAN on re0 and WAN on re1 and save re2 for later when you bring up the other WAN.
-
Exactly. This actually should be really simple which has me thinking you have changed something that shouldn't have been changed.
I'd do like he said. Get WAN1 up and then WAN2 after all is good with a single LAN and WAN.
Start over is likely to save you lots of time.
-
Hey,
I really appreciate all of your feedbacks.
So I believe the issue is the fact that the office network is behind a proxy so even if I let the DHCP assign a IP and gateway/DNS to the WAN, it wouldn't let me connect to the internet through the pfsense box.
Is anyone aware of a way around if you are behind a proxy so that the WAN can access the internet?
Thanks
Regards
Ehsan
