Are these settings for pfSense behind an ISP router correct?
My pfSense setup used to work fine but I recently had to switch to a different ISP and my new one does not allow their modems to be set into Bridge Mode.
As such, I am trying to reconfigure my pfSense appliance to work behind my ISP's router.
Here's my current layout:
My issue is currently the following:
- pfSense itself can access the Internet just fine
- pfSense's DHCP server properly allocates fixed IPs to all my devices
- but none of my devices can access the Internet.
I tried the following Ping tests within pfSense and they all seem to work.
DEFAULT -> 184.108.40.206 OK
WAN -> 220.127.116.11 OK
LAN -> 18.104.22.168 OK
Localhost -> 22.214.171.124 OK
I'm pretty sure I missed some gateway/DNS setting that prevents my devices from accessing the Internet.
The only things I have NOT yet tried are the two settings in RED in my chart above:
Creating a routing table entry on my ISP's router: Destination [192.168.100.1], Subnet Mask [255.255.255.0], Gateway [192.168.1.2]
Activating the DMZ (although not sure how that would impact my issue)
Below are my key pfSense settings highlighted in yellow.
If any of the great experts here could have a quick look and tell me what I missed I would greatly appreciate it! :)
Many thanks in advance for any help and pointers
Can the LAN hosts ping 126.96.36.199? If so can they ping www.google.com ?
Then you need to fix your DNS.
Can pfSense resolve names using 188.8.131.52 and 184.108.40.206 ??
Why forwarding mode? Why not just let the resolver do its thing?
Hi again :)
Thanks for the quick response.
Unticking the forwarding mode actually seems to have fixed it. Not sure where I picked up that I had to tick this setting, but it seems to do the trick.
Many thanks for that!!!!
While we're at it, would you know if I should tick the "Block Private Network" box in "Interfaces: WAN"?
My understanding from the contextual help is that because I'm behind another router that I need to un-tick this? Is that corrector should I leave it ticked?
Many thanks again for your help!