Noob attempting to implement pfSense



  • I am trying to educate myself regarding networking, and firewalling.
    I have a 6 year old HP desktop that I'm trying to turn into a router with pfSense.
    The board is an ASUS IPIBL-LB. The chip is an Intel Pentium Core2 Duo E 6300.
    The chipset is an Intel G63. There is 8 GB in dual path ram. The storage device is a San Disk 240 GB SSD.
    I have installed pfSense rel. 2.1.5 (amd64) because I understand that the chip is 64 bit capable.
    The board has a Realtek onboard NIC, and I have added a Realtek NIC in the PCI socket.
    pfSense sees the NIC's and I can assign them as re0 for the WAN, and re1 for the LAN.
    To keep it simple for my understanding, I connect re0 to my Comcast input, which is a Netgear CMD 31T cable modem, and re1 to a Linksys SD-208 switch.
    My Win-7 P/C is connected to the switch also. That's it. Nothing else is connected to the switch.
    No matter if the WAN is set to DHCP, or a static address, or the same with the LAN, the P/C does not see any addresses
    I cannot ping any static address in the pf Sense P/C from my Win P/C.
    I have set my Win-7 P/C to both DHCP, and static addresses experimentally with no change in symptoms.
    Is my choice of hardware bad? Or am I missing some basic concept that everybody else seems to understand natively.
    Thanks in advance of any help given, and for new guy sympathy.

    Art.


  • Netgate

    Forget about the WAN for a minute:

    In the default configuration your PC on the same switch as the LAN interface should get DHCP and be able to bring up the web configurator on http://pfsense.lan.ip.address/

    Have you gotten that far?

    If so, the next step is to get your WAN port working with comcast.  Is there a document from comcast telling you what you need to do to get their service working with third-party routers?  A power-cycle of the cable modem is usually required.  Cable modems usually want your WAN port to be set for DHCP.


  • Netgate Administrator

    Do you see lights at the switch indicating a connection both with the re1 interface in pfSense and your Windows pc? What speed?

    Unlikely but maybe relevant: http://community.linksys.com/t5/Switches/SD208-Switch-Polarity-Problem/td-p/287642

    Steve



  • I'm thinking you either may have switched your WAN and LAN

    or

    modem is giving you a private IP address and you have not unchecked interfaces > WAN > block private IP.

    could also be that you configured pfsense wrong at console interface during install.

    A pic of console after boot might help people help you.



  • Is your PC getting an IP address from pfSense when configured for DHCP?

    You might try swapping the WAN and LAN NICs and see if that provides any new insight.  That helped me resolve an issue I recently had that forced me out of lurking and into posting.

    Also check the basics:  e.g., is DHCP enabled in pfSense, do you have the LAN interface configured properly (does it have a static IP assigned and is it configured to allow local IP addresses), is the pfSense server link up on both NICs (see the Interfaces window on Status->Dashboard)?  On the pfSense server look at the Dashboard, DCHP Leases, and Interfaces sections under the Status menu.  Any basic issues with the LAN ought to show up in one of those places I would think.



  • Unless you have some other peice going on that you have not mentioned, like VLANs, something basic is wrong. Despite my utter revulsion for Realtek ethernet (I have a pile from before I learned THAT lesson), they should work, just never anywhere near the claimed speed IME.

    Step one - at the console revert to factory/default settings. Unplug all ethernet.

    Assign interfaces - use the "figure out which is which by plugging in a cable" method, rather than guessing.

    Leave the WAN unplugged at the end of that. Turn off/unplug your cable modem.

    Plug (or leave plugged) the pfSense LAN into your switch.

    Make sure your win7 PC is set to get an address by DHCP. Reboot it (possibly not really needed, but…) It should get one - the default pfSense settings have LAN DHCP turned on. Connect to the pfsense at the default address from the win7 box.

    If you cannot connect to the pfSense at that point, something is wrong at the connection/switch level. Either you have a smart switch with VLANs enabled and the devices are on different VLANs, or you have a switch with broken ports and one of the devices is on a broken port, or.... Try just a cable instead of the switch (most modern cards don't need  you to worry about if the cable is a crossover or not.)

    Then (and only then) turn on your cable modem and plug it into the WAN port.



  • 8)Thanks to all 5 of you, I was able to connect up to, and see the dashboard of the pfSense P/C.
    The advice made me rethink the way I was doing things, shotgun rather than logically, one item at a time.
    First I replaced the switch with another one, an Allied Telesyn ATFS708. There was no change, but one unknown was eliminated.
    Next I disconnected everything from the switch, and determined which interface was which by plugging and watching the LEDs.
    Then I reassigned the WAN to re1, and the LAN to re0, the reverse of the way I had done it from the beginning of this grand experiment.
    Watching the boot on the pf Sense P/C, I saw that the WAN had gotten an address via DHCP4. The first time in 3 days.
    Now the fun begins, I really get a kick out of learning new stuff, and this project shows a lot of promise.
    It is good to know that there are guys like you out there watching my back.
    I have emerged from the lurker dakness into the poster daylight, and can now order a pfSense T shirt without guilt.


  • Netgate Administrator

    Nice. Ware your t-shirt with pride.  ;D

    Stevd