Need quick help please - LAN host blocked
-
Hi,
I have PFSense 2.1.5 which was working fine till now.
All of a sudden it decided to block one LAN host.
There are no logs about this block anywhere. This particular host was working and then it just stopped (I was there and saw this behavior first hand).
Previously this LAN host was able to ping the firewall; now it can't.
I have tried everything I can think of but it didn't help (including dropping all states at one point). Can someone please help me get this host back on the internet?
Thanks
-
And what are your LAN rules? And do you have any floating rules? What is the IP of the host, and what is the IP of pfSense?
When you ping the pfSense IP, do you just get a timeout or some other error? Right after you ping and fail, if you look in the client's ARP table, do you see the MAC of pfSense, and is it correct?
Can this LAN client ping other devices on the LAN? If not, it seems like it's just got a bad network card, cable, etc. Wrong setting - does it get DHCP from pfSense? Do you have static ARP set up in pfSense? Etc., etc.
We really have nothing to work with here. As to looking, if you don't tell your rules to log, you will only get the default rule hits.
-
Hi
Thanks for the reply… let me be a little bit more clear
- PFsense was configured and working for at least one year now, all networks, rules, etc all configured correctly
- the only action I did was to add a new host
- after adding the new host all worked fine for about 5 minutes and then I saw this other host that worked fine for at least six months (when it was added) having no internet connection. Before it did.
Now this existing host does not have internet connection (the new host I added is fine) at all. It is not a matter of rules, networking, routing, floating rules, firewall logging, bad cards, static arp setup, dns, dhcp, etc (tested the wifi card with tethering and all OK) or anything else. Somehow PFsense decided to block this particular host out of the blue. I checked and double checked all (rules, networking, routing, floating rules, firewall logging, bad cards, static arp setup, dns, dhcp, etc) and there is nothing to block this host. As this host is part of an alias the whole subnet should have been blocked if this was the case.
-
"after adding the new host all worked fine for about 5 minutes and then I saw this other host that worked fine for at least six months (when it was added) having no internet connection. Before it did."
IP address conflict?
-
"Somehow PFsense decided to block this particular host out of the blue."
There's "blame pfSense" again. If that was the case there would be logs - and a rule actually doing the blocking, not something "out-of-the-blue". As KOM said, you probably have a duplicate IP address. Look over exactly the changes you made. Unplug the new host. Can you still ping its IP address? Is there an ARP table entry for the new host's IP address? Does the MAC address of that entry match the new host? Switch the new host to DHCP and try it again?
-
Yeah I would be IP conflict as well, if you put a new host online and then another goes off? Is that what you said happened?
pfSense doesn't just start blocking IPs for no reason. Can you ping pfSense? If you have no connectivity to the gateway, you're never going anywhere. Does it even point to pfSense as the gateway? If you set up something static on the host, did you typo the mask, is one example where you can bork over stuff by accident.
Simple 101 troubleshooting connectivity. If you're trying to ping something on your same segment, are you getting the correct MAC for that IP? This is the 101 basic first thing to check if you're showing connectivity lights. Can you ping other stuff on the segment?
-
Guys you don't understand… I am not new to this... I know exactly what I am doing.
There is no IP address conflict on my environment ... I manage all of it myself so I know exactly what is going on. And yes this is NOT just another PFsense fault but actually is a REAL one! And YES I have stated before - suddenly it just stopped working... I was there working on the new host and I saw that it was working before, I saw how it just stopped and didn't have any internet connection at all... IP is given by DHCP and the only thing I did was add the new host to aliases and DHCP.
I will remove the non-working host from PFsense (aliases, dhcp etc), reboot and then add it again. The issue is with PFSense and not my setup.
-
No, it didn't. Double check everything. You missed something.
-
What alias did you put it in, what rules do you have set up? pfSense doesn't just say "hey, out of 100 IPs talking to me - let me block #32, and btw not going to log that I am blocking it", etc.
Again – can you even ping the pfSense LAN IP, the machine's gateway? Let us see your ipconfig /all on your machine that is not working, and one that is working. And that they can both ping the pfSense LAN IP. And then ARP tables. Then sniff on pfSense LAN and show that the traffic for somewhere else got there, etc.
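-
The ARP check the replies keep asking for (does each IP resolve to the MAC you expect?) can be scripted; this is an added example, not part of any post in the thread. It assumes FreeBSD-style `arp -an` text as produced on the pfSense shell, and every IP, MAC and interface name below is constructed sample data.

```shell
#!/bin/sh
# Expected IP -> MAC pairs, e.g. copied from the DHCP static mappings
# (constructed values for illustration).
EXPECTED='192.168.1.1 00:0c:29:11:22:33
192.168.1.20 00:1b:21:aa:bb:20
192.168.1.21 00:1b:21:aa:bb:21'

# Constructed `arp -an` output; on a live box use: ARP_TEXT=$(arp -an)
ARP_SAMPLE='? (192.168.1.1) at 00:0c:29:11:22:33 on em1 permanent [ethernet]
? (192.168.1.20) at 00:1b:21:aa:bb:21 on em1 expires in 1187 seconds [ethernet]
? (192.168.1.21) at 00:1b:21:aa:bb:21 on em1 expires in 1190 seconds [ethernet]
? (192.168.1.30) at (incomplete) on em1 expired [ethernet]'

# arp_check EXPECTED ARP_TEXT
# Prints one line per finding:
#   MISMATCH ip expected_mac seen_mac  IP answered by an unexpected MAC
#   NOREPLY  ip                        ARP request was never answered
#   SHARED   mac ip ip ...             one MAC answers for several IPs
arp_check() {
    printf '%s\n---\n%s\n' "$1" "$2" | awk '
        $0 == "---" { in_arp = 1; next }          # separator between inputs
        !in_arp && NF == 2 { want[$1] = tolower($2); next }
        in_arp && $3 == "at" {
            ip = $2; gsub(/[()]/, "", ip)         # "(192.168.1.20)" -> bare IP
            mac = tolower($4)
            if (mac == "(incomplete)") { print "NOREPLY " ip; next }
            if ((ip in want) && want[ip] != mac)
                print "MISMATCH " ip " " want[ip] " " mac
            if (mac in owners) owners[mac] = owners[mac] " " ip
            else owners[mac] = ip
            count[mac]++
        }
        END { for (m in count) if (count[m] > 1) print "SHARED " m " " owners[m] }
    '
}

arp_check "$EXPECTED" "$ARP_SAMPLE"
```

A SHARED line is a hint rather than proof: a host with several addresses on one NIC produces it too, so read it together with any MISMATCH on the same MAC.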