No internet from LAN, pls help!!!



  • I know that this is a very common topic but I've searched in a lot of places and read a lot of stuff and I still can't seem to figure out what's wrong with the way I've set up things.

    I have a pfSense with 2 NICs, one for WAN and one for LAN.  My WAN IP address is 201.220.xxx.xxx, which is a valid IP on my WAN network.

    I've set up DHCP for my LAN and clients are getting the IP leases just fine. I've even used OPT interfaces with a Netgear switch to set different VLANs and add DHCPs to each one, and it works fine too. I've configured my WAN static IP address and gateway for it, and also added the DNS servers in the general setup because my WAN's IP pool uses one to resolve names for internet websites.
    So far, from the shell in my pfSense I can ping outside domains, so I figured I have connected it right, but my clients on the LAN can't resolve or access any web. The firewall rules are set to accept all incoming traffic from my LAN to my WAN; I've not added any new gateways except the one mentioned before. I'm EXTREMELY NEW to pfSense and I cannot stress that enough; everything I've done I've done by reading here and there, so I would appreciate some help a lot. Thanks in advance


  • Netgate

    The firewall rules are set to accept all incoming traffic from my LAN to my WAN

    What, exactly, did you do here?  Rules for internet traffic should be destination any.  The destination should not be WAN address, WAN net, or anything to do with WAN.

    https://doc.pfsense.org/index.php/Firewall_Rule_Troubleshooting



  • Right, my bad, I have accept to any, the default


  • Netgate

    Post Firewall > Rules, LAN tab and Firewall > NAT, Outgoing tab.

    Detail what host IP address on LAN you are trying to use?

    Can that host ping the pfSense LAN interface?

    Can that host resolve DNS names?

    Does that host have pfSense as its default gateway?



  • Yes, I can ping the LAN interface from my host; no, it cannot resolve DNS names; yes, it does have the pfSense as its default gateway. On the Outbound tab I've left it with the default configuration, the automatic rules.
    My LAN is 192.168.1.0/24, pfSense LAN IP 192.168.1.1 and gateway, and I'm using a host IP given by DHCP, 192.168.1.100-150, currently using 101


  • Netgate

    If your host can ping 8.8.8.8 and cannot resolve names you need to fix your DNS and your rules are probably fine.



  • My friend, I live in Cuba, I do not have a direct connection to an ISP on the internet. When I said my WAN pings outside domains I meant outside of my enterprise network but in my country's network, therefore I cannot ping 8.8.8.8 from my pfSense CLI but I can access the domains allowed in my network (*.cu). Still my host is not resolving anything



  • Thanks for everything Derelict, I've solved my problem. It had the DNS resolver activated (by default) and the DNS forwarder too (activated by me), which is what I actually needed. Now everything is running normally.