I can ping a website from my pfsense and client pc but no browsing!



  • good day,

    i have this set up using virtual box

    ISP > MODEM > PFSENSE > CLIENT LAN PC

    PFSENSE
    WAN
    192.168.1.1
    255.255.255.0
    192.168.1.1 GW
    LAN
    192.168.100.1
    255.255.255.0

    CLIENT PC
    192.168.100.10
    255.255.255.0
    192.168.100.1 GW

    then i have this message from my firewall logs. Please see attach image…

    192.168.1.101 is the pc wer i installed virtual box

    the problem is i can ping from my pfsense same with my client pc but no internet browsing.
    my network icon has no caution sign and status had also internet.
    my pfsense can ping website but it can't see packages.




  • here is the scenario.




  • Confirm that Block Private Networks is not checked on the WAN interface. Also, what are you using for DNS on the WAN interface? Pfsense needs a way to resolve internet names.

    Carlos


  • LAYER 8 Global Moderator

    I have no idea what that traffic is.. Its coming from something on the network between pfsense and your router/modem..

    But this is NEVER going to work

    PFSENSE
    WAN
    192.168.1.1
    255.255.255.0
    192.168.1.1 GW

    Your pointing pfsense to itself??  Is your "modem" at .101??  Then pfsense wan gateway should be .101 not itself.



  • @johnpoz = is sorry it's 192.168.1.10, :), regards with the dns sir in status i can get online f i make it dynamic, but when i try to change it to static like 192.168.1.1 which is my router gw or 192.168.1.101 my main pc ip it shows unknwon.

    @ctirado = yes sir it's uncheck.

    **

    and today i check my gw status and it's online using dynamic settings
    i also took my firewall system log in source 192.168.1.101 this is my physical pc ip add and l'm guessing under ACT it block the ip. any idea sir?




  • sir this is the firewall log that concern my.

    192.168.1.101 is my physical pc ip address, does pfsense blocking my id that's why i can get thru the net?




  • I don't really understand why you try to "ping" as an evidence that your access to internet is up and running autorized

    PING is acceptable if you know that ICMP is authorized through your firewall. If not, ping will fail.
    The point with FW is that it manages network flows between interfaces. If you don't describe your firewall rules, do not expect any efficient support from people not knowing your settings  ;)

    Regarding your concerns with logs, don't worry, this is only UDP from whatever application but it doesn't look like critical.



  • sorry for that sir, :(

    with regards with my firewall setting or even the rules it's all by default, that all lan can pass.


Log in to reply