First Config issue



  • Hello,

    I just installed PFsense 2.2.2,

    The WAN interface is connected via ethernet cable to my provider box.
    The LAN interface is connected via ethernet cable to my computer.

    For the moment pfsense firewall rules ares set to authorize everything.

    From my computer, I cannot ping the LAN interface of pfsense, tracert to the LAN interface is not working, BUT using my browser I can connect to the admin UI ! Can somebody explain this ?

    Thanks



  • @TZazou:

    Can somebody explain this ?

    No. Not without more information. Though possible causes could be:

    Wrongly set routing on your LAN clients.
    ICMP traffic being suppressed on your switch.
    Wrongly configured firewall rules.
    Firewall set on the client PC.
    …etc....

    If you want to narrow down the list of possibilities, I would suggest you provide some more meaningful information. Like what your LAN address range should be (including netmask), what your firewall rules are, how your network is set up specifically - including any virtual machines.

    A map of your network - labelled and showing all the relevant connections - would go some way to help.


  • Banned

    @TZazou:

    I just installed PFsense 2.2.2,

    Why? Because it has tons of unfixed bugs?



  • @muswellhillbilly : I will check your proposal.
    but yes firewall of the computer is disable for sure.
    I will post additional info tonight.

    @doktornotor : I know but my basic config should work anyway …

    Thanks to both of you



  • @TZazou:

    I just installed PFsense 2.2.2,

    As doktornotor has pointed out, there is really no rational reason to do this. There are some unusual cases that require sticking with 2.1.x because of compatibility issues arising from the significant changes between the 2.1.x and 2.2.x lines (including the base OS changing from FreeBSD 8.3 to FreeBSD 10.1 and the IPsec daemon changing from racoon to strongSwan). However, there is really no reason to install anything other than the latest minor release in a series, as this involves you installing a version with bugs and issues that are long since resolved.

    Basic functionality should work in any 2.2.x release, but the possibility remains that you are falling over an issue that has been resolved in a later minor release. As such, you are unlikely to get much community support until you install 2.2.4. If you wait a few days, 2.2.5 should be released, with numerous important fixes over 2.2.4.


  • LAYER 8 Global Moderator

    Yeah at a complete loss why anyone would install 2.2.2 when 2.2.4 has been out for quite some time..  Make no sense at all to do that.

    While I agree your basic config should work..  Did you manipulate the default lan rules?  Out of the box the lan interface should answer ping..  Did you get an IP from pfsense dhcp server?

    Your saying you can access the web gui via the same IP your trying to ping, but ping does not answer??  My first guess would be you changed the default lan rules, maybe changed it to tcp vs any, so no icmp would not work then..  But the web gui would..



  • Is there a switch between your LAN card and your computer or did you connect a cable directly?



  • First of all, thanks for all replies!

    It's done my pfsense is upgraded to 2.2.4 via the ssh console using the defaut pfsense url for upgrade, so for me it means that at least the connection with my provider box is working well. But my issue is still the same.

    So again my actual infra ( with some more details ) :

    The WAN interface 192.168.1.4/24 is connected via ethernet cable to my provider box.
    The LAN interface 192.168.2.4/24 is connected via ethernet cable to my computer.

    My computer :
    Ethernet fixed address 192.168.2.5 
    Mask 255.255.255.0 
    Def Gateway 192.168.2.4 ( can this be the problem ? )
    All other network communication off.
    This computer is a professional one, I have the admin write on it but I cannot break all network card config, I still plan to test with an old XP one where I will be able to modify everything I want but it's not done yet.

    I tried with a direct cable between the pfsense LAN Interface and my pc and via a switch, same result.

    For the moment pfsense firewall rules ares set to authorize everything.

    From my computer, I cannot ping the LAN interface of pfsense, tracert to the LAN interface is not working, BUT using my browser I can connect to the admin UI ! Can somebody explain this ?

    Thanks



  • @TZazou:

    This computer is a professional one, I have the admin write on it but I cannot break all network card config, I still plan to test with an old XP one where I will be able to modify everything I want but it's not done yet.

    What do you mean by 'the computer is a professional one?' So I take it you have no direct administrative control of the PC you're testing the connection with? In which case at a guess I would think that the issue sounds to me like some kind of ICMP block set on the local computer's firewall.

    I would strongly suggest you run your tests using equipment you have total control of. Otherwise you'll be hard-pressed to know whether the issue is with something you're doing or something wrong with the equipment you're using.


  • LAYER 8 Global Moderator

    "For the moment pfsense firewall rules ares set to authorize everything."

    So you edited them or they are default… Lots of times oh yeah its any any, but its really any TCP.. Well guess what ping doesn't work with that setting..  Since you can get access to the gui you say, just post a screenshot of these rules.



  • Hello,

    My issue is fixed about ping and tracert !! But I still cannot surf on the internet through pfsense ….

    My computer :
    Ethernet fixed address 192.168.2.5
    Mask 255.255.255.0
    Def Gateway 192.168.2.4 -> Is this ok ?



  • This issue is know fixed. Thanks


Log in to reply