Gateways do not work after changing the default gateway to another
-
I am using pfsesne 2.2.5-RELEASE (amd64) and have a strange problem that was not prevailing in 2.2.4 or earlier.
I am having one LAN and one WAN interface with two gateways.
Both gateways are up and working fine.
But, when I change the default WAN gateway to another one, both gateways become offline. I am not able to understand this. Can anybody help…Thanks
Sher Singh Rawat -
Sure. Just give a reasonable amount of information and maybe someone can help. Saying you have two gateways and they don't work when you use one tells nothing at all to anyone who might be able to assist.
For instance, are both gateways on the same network address range? When both gateways become 'offline', do you mean they both stop pinging or that they just become unavailable to the pfSense box? How have you set up your network specifically (diagrams, please)? Are you checking to see if the gateways are available only from the LAN side of your firewall, or are you checking on a separate box on the WAN side?
I would suggest you start with a diagram of your network layout - include network addresses with a reasonable amount of info on the WAN addresses without giving the whole address away, such as subnet masks, first few numbers, etc.
-
Thank for your response,
I have attached screenshot here.
Two WAN gateways are 192.168.5.10 (Default) and 192.168.5.11
When i change the the default gateway to 192.168.5.11, both gateways stop working indicating 100% packet loss.
From pfsense ssh shell, I pinged to some url and ip address but ping fails.
PING to local network is fine.As soon as I again changed the gateway to 192.168.5.10, everything works fine.
Sher
-
Have you read the Multi-Wan documentation?
Which targets do you monitor to determine if an IF is down?
-
I monitor Google DNS servers and Open DNS servers.
It has nothing to do with monitoring. As i said, i also tried from pfsense ssh shell to ping to websites/url ips but it could not.
-
Have you checked to see if the secondary gateway (192.168.5.11) is working correctly? Sounds to me like your backup gateway is the problem here - nothing to do with your firewall. Can you ping 192.168.5.11 from your PFS, for instance? And are there any link lights on your ADSL2 line to show if the line is up at all?
-
Show a screenshot of your System | Routing | Gateways tab
-
What's this nonsense about? Make two WANs, not one! WTF.
-
I just had this very same problem last week and was pulling out my hair to sort it out. What I finally realized is that switching the gateway works fine in the Interface GUI but no web browsing works. I was able to ping but browsing did not work. What I eventually discovered is that the previous Gateway remains as the default under the Gateway assignment under System–--Routing----Gateways. To fix the problem edit the settings for the gateway you want to use by checking the box next to Default Gateway. Just to verify this was the problem I changed to the previous gateway and had the same problem.
Please note that I had configurations for two different providers and this occurred when I was switching over. However I think that's where your problem is.
P.S. just to be clear I was changing the config between providers when I had this problem. Not only the gateway. (Just in case someone thought I was only changing the gateway and not the corresponding IP configurations).
-
Make two WANs, not one!
That's where I wanted to guide him gently.
I'm unsure a "WTF" statement helps here. ::) -
Thanks to all of you friends,
One of my gateway was not working and was not able to ping to internet.
But my second gateway was onilne and I am not able to understand why the second gateway was showing offline.
Is it possible to configure pfsense in such a way that it the default gateway is down, the second one which is working would become default automatically.
SSR
-
There are too many complications in trying to put two WANs on a single NIC, it's really ugly. Just add a NIC and keep only one WAN per NIC.
-
@cmb:
two WANs on a single NIC
You could of course use two VLAN interfaces on the same physical NIC, but that implies a managed switch et al.
-
@cmb:
two WANs on a single NIC
You could of course use two VLAN interfaces on the same physical NIC, but that implies a managed switch et al.
We have a pfsense appliance and seem to be having the same issue, our second WAN has got an IP from the ISP but it won't show as online, can't ping google DNS. We know the internet for that wan is working if we patch a dhcp laptop into it, the internet works.
We are using the C2758, we have one wan plugged into the top left port, and the second wan plugged into the bottom left port. Are you saying we have to install a second NIC to this appliance in order to use two WAN's? Because we have two wans working on another gateway but it's the SG-2440 appliance. Why is it different?
-
Are you saying we have to install a second NIC to this appliance in order to use two WAN's?
Sigh… Again, start here: https://doc.pfsense.org/index.php/Multi-WAN
-
Are you saying we have to install a second NIC to this appliance
Absolutely not what I'm saying.
You already have four (4) NICs in your appliance. -
Are you saying we have to install a second NIC to this appliance in order to use two WAN's?
Sigh… Again, start here: https://doc.pfsense.org/index.php/Multi-WAN
Sorry I've read that page it doesn't help. We have it all configured correctly as far as we can tell. I'm not an expert but the guy I work sure is but he is stumped too. It just doesn't make sense. The gateway is set to dynamic because the ISP gives out an IP, it's a UNDI port on a NBN (National broadband network) NTD. You can patch anything in there an if you are set to DHCP you will get on the internet.
If it's so obvious to you what I'm doing wrong can you please just tell me? Give me a hint or something? :'(
I just noticed this, we are monitoring google DNS to say if the gateway is up or down, but in here it says the ISP is also using google DNS, could this be causing an issue? It's weird because the gateway appears to be up but we can't ping or traceroute etc…
http://imgur.com/jw6FiqA
-
Are you saying we have to install a second NIC to this appliance
Absolutely not what I'm saying.
You already have four (4) NICs in your appliance.But it's not like each of those 4 Ethernet ports are seperate network interface cards..? They are a quad port nic.. right?
-
If it's so obvious to you what I'm doing wrong can you please just tell me? Give me a hint or something? :'(
This is what you are doing wrong:
I am having one LAN and one WAN interface with two gateways.
::) ::) ::)
Now, go read the docs a couple more times and please tell us where do they suggest to create a single WAN with two GWs.
::) ::) ::)
-
This is what you are doing wrong:
I am having one LAN and one WAN interface with two gateways.
Really?
…our second WAN has got an IP from the ISP ...
It's the typical scenario: "I have the exact same problem! Well, totally different setup, but EXACTLY the same problem. Promised!"
Andyroo54, please start a new thread and post screenshots of your interfaces and gateway configs in there.
