Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    I can ping a website from my pfsense and client pc but no browsing!

    Scheduled Pinned Locked Moved General pfSense Questions
    8 Posts 4 Posters 2.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • I Offline
      itneigh
      last edited by

      good day,

      i have this set up using virtual box

      ISP > MODEM > PFSENSE > CLIENT LAN PC

      PFSENSE
      WAN
      192.168.1.1
      255.255.255.0
      192.168.1.1 GW
      LAN
      192.168.100.1
      255.255.255.0

      CLIENT PC
      192.168.100.10
      255.255.255.0
      192.168.100.1 GW

      then i have this message from my firewall logs. Please see attach image…

      192.168.1.101 is the pc wer i installed virtual box

      the problem is i can ping from my pfsense same with my client pc but no internet browsing.
      my network icon has no caution sign and status had also internet.
      my pfsense can ping website but it can't see packages.

      12571109_1223300211018586_1841971121_n.jpg
      12571109_1223300211018586_1841971121_n.jpg_thumb

      1 Reply Last reply Reply Quote 0
      • I Offline
        itneigh
        last edited by

        here is the scenario.

        Untitled.jpg
        Untitled.jpg_thumb

        1 Reply Last reply Reply Quote 0
        • C Offline
          ctirado
          last edited by

          Confirm that Block Private Networks is not checked on the WAN interface. Also, what are you using for DNS on the WAN interface? Pfsense needs a way to resolve internet names.

          Carlos

          1 Reply Last reply Reply Quote 0
          • johnpozJ Online
            johnpoz LAYER 8 Global Moderator
            last edited by

            I have no idea what that traffic is.. Its coming from something on the network between pfsense and your router/modem..

            But this is NEVER going to work

            PFSENSE
            WAN
            192.168.1.1
            255.255.255.0
            192.168.1.1 GW

            Your pointing pfsense to itself??  Is your "modem" at .101??  Then pfsense wan gateway should be .101 not itself.

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 24.11 | Lab VMs 2.8, 24.11

            1 Reply Last reply Reply Quote 0
            • I Offline
              itneigh
              last edited by

              @johnpoz = is sorry it's 192.168.1.10, :), regards with the dns sir in status i can get online f i make it dynamic, but when i try to change it to static like 192.168.1.1 which is my router gw or 192.168.1.101 my main pc ip it shows unknwon.

              @ctirado = yes sir it's uncheck.

              **

              and today i check my gw status and it's online using dynamic settings
              i also took my firewall system log in source 192.168.1.101 this is my physical pc ip add and l'm guessing under ACT it block the ip. any idea sir?

              Untitled.jpg
              Untitled.jpg_thumb

              1 Reply Last reply Reply Quote 0
              • I Offline
                itneigh
                last edited by

                sir this is the firewall log that concern my.

                192.168.1.101 is my physical pc ip address, does pfsense blocking my id that's why i can get thru the net?

                Untitled.jpg
                Untitled.jpg_thumb

                1 Reply Last reply Reply Quote 0
                • C Offline
                  chris4916
                  last edited by

                  I don't really understand why you try to "ping" as an evidence that your access to internet is up and running autorized

                  PING is acceptable if you know that ICMP is authorized through your firewall. If not, ping will fail.
                  The point with FW is that it manages network flows between interfaces. If you don't describe your firewall rules, do not expect any efficient support from people not knowing your settings  ;)

                  Regarding your concerns with logs, don't worry, this is only UDP from whatever application but it doesn't look like critical.

                  Jah Olela Wembo: Les mots se muent en maux quand ils indisposent, agressent ou blessent.

                  1 Reply Last reply Reply Quote 0
                  • I Offline
                    itneigh
                    last edited by

                    sorry for that sir, :(

                    with regards with my firewall setting or even the rules it's all by default, that all lan can pass.

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.