No SSH or WebGui Access after assigning and setting LAN IP
Hi, all. Just signed up and have found many great discussions to help me on other things on here so thought I should sign up. (And ask my problem)
Have searched the forum and read other posts but nothing much helps me here.
My issue is:
That once I assign my LAN interface and setup the IP address I can no longer get access to pfsense from SSH or WebGUI
I know that once LAN is setup Web side access should be prevented but I can not log in on either side.
The setup is pretty basic pfsense WAN connected to router (So have DHCP IP on this side) It gets address and I can login to webgui and ssh
Then when I do the LAN side
Static IP and running DHCP which gives out an IP to me when connected, but cannot ping the pfsense or anyelse.
Watching on a monitor it boots up and both LAN and WAN is shown with IP address. Any help please ? Something is telling me I have a hardware issue but I can setup just the WAN side on both internal ethernet port or PCI ethernet card and get IP and log in.
what are you setting pfsense lan too, what is the wan? Why do you not just let it be the default? How are you connected tot he lan side of pfsense? the web gui and or ssh is never open on the wan side of pfsense. Unless you create a specific firewall rule to do that. So not sure how you your accessing that, and then setting up lan?
You sure your lan is not wan and wan is lan - mixed up nics?
Thanks for the reply: johnpoz
I have a cable router from the ISP and for the time being want to build my own network lab to test and play around with whilst other users can still have internet access from the cable router.
So when I setup with just assigning WAN interface and getting its IP from DHCP (The cable router) The WAN interface is provided with an IP from the cable router. 192.168.0.22 for example. I can then access by SSH and WebGUI by this address as its on the cable router LAN.
I then setup the LAN interface with an IP of 10.0.0.1 and providing DHCP providing 10.0.0.100 - 10.0.0.150 for example. This is all ok and reports no errors, but now as you would expect I cannot access from the WAN side of pfsense. I understand that but I can not access by 10.0.0.1 either. I have my laptop directly into the LAN interface of pfsense and it does provide the correct ip and displays correct gateway address. This tells me that LAN and WAN is not mixed up but I did change over just to check but did not clear the issue.
I have one NIC card and one internal Ethernet port on motherboard I am using. I have setup just the WAN interface on each, all is OK I can log in, I can ping and I have setup a OpenVPN connection which is up. But as soon as I assign the LAN interface and IP address no access is given to pfsense or nor can I ping either side. I know this a pretty basic setup or should be but I must be missing something ? Also I should note that I have tried assigning my LAN interface through the console options menu and also tried through the WebGUI
What do you mean you then setup?? when you setup pfsense the interfaces are setup at the same time.. I have gone through pfsense setup plenty of times ;) How exactly are you setting up the wan without the lan?? And then going about setting up the lan?
Cut a long story short… I only had the Ethernet on the motherboard available to me when I first set it up so only done the WAN. I wanted to prove a OpenVPN connection as pfsense as the client at first. Which I did and it shows as up.
But then I received a PCI Ethernet card so then assigned that as the LAN.
Is this my issue ? I should do it all at the same time with both cards in ? So I should return pfsense to clean install and then setup WAN and LAN...
I thought it would be fine adding LAN after
I have assigned both WAN and LAN and their IP's again at same time but not at initial setup.
I would redo the setup.. If there is only 1 nic, did you setup vlans? I would have to try it with 1 nic to see what it does in that sort of scenario.. Its meant to be a firewall/router - that doesn't work with 1 nic! Unless you setup vlans?
Thanks very much. I put it back to factory settings and setup again. I now get LAN access to WebGUI.
You live and learn !
You can configure a single interface though. It's useful if you're running as a vpn server exclusively for example. If you do set only a WAN interface the default rules will allow access to the wegui on that interface. However as soon as you assign another interface the firewall rules are reconfigured to those appropriate for a firewall and you loose access via the WAN. That's what happened to you.