Help i have hit a brick Wall with Setup

dcl66

As the title suggested i am at a complete loss on what to do hopefully someone can help because as of right now my home network is on a stone age island with no internet access.

Ok my setup is presently:
My Uverse gateway has the PFsense IP 192.168.1.77 set as static with all firewall rules off

Uverse Pace 5031NV-030 (worse device EVER!!!)
Router WebGUI ip is 192.168.1.254

Pfsense (HP Elite 8300 i5 500gb 16 gb Ram)
Wan IP is 192.168.1.77
LAN IP is 192.168.1.180

Now some of my many issues I have are:

once I have everything configured I can ping 8.8.8.8 and also download packages (diskstat) and updates. But when I attempt to connect to the internet I get nothing. So I created a LAN to WAN rule in the firewall but still nothing.

I originally tired a Watchguarrd Firebox x750e but had the same problem and realized it has to be something I am doing really wrong

Again any help would be humbly accepted because I feel like a putz right now and if I missed any additional info I will gladly post it!!

KOM

Your WAN and LAN can't be in the same subnet. Unless it's a typo, you have them both at 192.168.1.0/24. If you can switch your Uverse gateway into bridged mode and let pfSense have your real WAN IP, that would be better and you wouldn't have to change anything on the LAN side. However, if you can't do that then you have to put your LAN interface on a different network. Try setting your pfSense LAN IP address to 192.168.2.1 with a netmask of /24 or 255.255.255.0. If you have clients on LAN with static IPs then they also need to change to 192.168.2.x. If you are running the pfSense DHCP server then it also needs to server addresses in the 192.168.2.x range.

dcl66

First thanks for the help!!!

I tried what you recommended and its still not working out

I reset Uverse gateway and Pfsense to factory and started fresh

WAN on 192.168.1.1/24
LAN on 192.168.2.1/24

KOM

More info. What do you mean by 'not working out'? Specific problems or error messages please. What are you testing with, how are you testing, any error messages?

dcl66

Sorry about that well after I rest and configured the gateway and pfsense

I logged into pfsense shell and tried to ping 8.8.8.8 and it came back with "No route to host" 100% packet lost

I also tried the same from the WebGui but I didn't expect different results.

I included screenshots of what I have hoping this may be something I have setup wrong

![Info copy.jpg](/public/imported_attachments/1/Info copy.jpg)
![Info copy.jpg_thumb](/public/imported_attachments/1/Info copy.jpg_thumb)
![Firewall rules copy.jpg](/public/imported_attachments/1/Firewall rules copy.jpg)
![Firewall rules copy.jpg_thumb](/public/imported_attachments/1/Firewall rules copy.jpg_thumb)
![Interfaces copy.jpg](/public/imported_attachments/1/Interfaces copy.jpg)
![Interfaces copy.jpg_thumb](/public/imported_attachments/1/Interfaces copy.jpg_thumb)
![Untitled copy.jpg](/public/imported_attachments/1/Untitled copy.jpg)
![Untitled copy.jpg_thumb](/public/imported_attachments/1/Untitled copy.jpg_thumb)

KOM

What is your Uverse LAN IP address, 192.168.1.1? Do you have it set as your gateway for pfSense WAN? Is your WAN set for DHCP or static IP? Please post your WAN settings screen.

dcl66

Uverse LAN ip is 192.168.1.254

I dont have it set as my gateway on Pfsense

My WAN is static with IP 192.168.1.85/24

And I included the WAN Pfsense screen below

dcl66

Also at one point I had Private and Bogon networks blocked but I was checking everything along the way to and unchecked them in WAN interface to see if that would do the trick

KOM

The picture seems to be broken, but you need to either:

Set your pfSense WAN to DHCP and let the Uverse give it a valid IP address, netmask, gateway and DNS.

or

Leave the WAN as static IP and manually set the gateway to 192.168.1.254.

Then test again.

Don't worry about bogons and private networks for now. They aren't impacting your tests.

dcl66

I choose the 1st route and I set WAN to get Ip via dhcp from Uverse gateway and for about 30 secs it looked like it would work then everything slowed down and dropped off and anything I try and navigate to has a message of "ERR_CONNECTION_TIMED_OUT" or "DNS_PROBE_FINISHED_NO_INTERNET"

Talk about going from Sad to Happy to depressed in under a min.

dcl66

Also now I can ping 8.8.8.8 or 8.8.4.4 from the shell and webgui and it is successfulw/no packet loss but still no internet conncetion via a lan connection

KOM

Make sure your clients have an IP address in the 192.168.1.x range with a gateway of your pfSense LAN IP address. Also make sure that you did NOT specify a gateway for your pfSense LAN configuration. pfSense LAN interface does not require a gateway, only your WAN and your clients do. I have to go but will be back tomorrow if someone else hasn't already stepped in.

dcl66

Thanks for your help and no problem

I just have a question should my client PCs be configured for the 192.168.2.x since my setup set to allow Pfsense to issue DHCP addresses

Gateway 192.168.1.x ==> Pfsense WAN 192.168.1.85 to LAN 192.168.2.x ==> Managed Switch ==> Clients

And I have restarted every device in my LAN and its the same behavior out the gate I have internet access and speed test 16 down 2 up then something happens and it sinks to less than a meg down and it errors out on the up test.

And I dont know if this is of any consequence but after setting WAN to get DHCP address from uverse gateway now in the Shell the IP is showing as my public Ip and not the 192.168.1.85/24 that it previously registered
So yeah I am 100 percent stumped

KOM

should my client PCs be configured for the 192.168.2.x since my setup set to allow Pfsense to issue DHCP addresses

Yes. If your LAN is 192.168.2.0/24 then all of your clients on LAN should also be on the same network. And as I said earlier, make sure that your DHCP server on LAN is giving out IP addresses that are appropriate for your LAN network eg. 192.168.2.10-192.168.2.40.

Is there anything in your System log of note from when it starts to lose connectivity? Can your LAN clients ping pfSense LAN NIC at 192.168.2.1? Can they ping 8.8.8.8?

If your pfSense WAN is in DHCP mode and is getting a public IP address then that means your Uverse was likely in bridged mode all along.

dcl66

Ok thanks well i have all my devices set to dhcp on 192.168.2.x and i checked th few that are currently on in the LAN and they look good

Now as far as being able to ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: icmp_seq=1 ttl=55 time=23.213 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=55 time=23.189 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=55 time=22.982 ms
64 bytes from 8.8.8.8: icmp_seq=5 ttl=55 time=23.043 ms
64 bytes from 8.8.8.8: icmp_seq=7 ttl=55 time=23.499 ms
64 bytes from 8.8.8.8: icmp_seq=8 ttl=55 time=22.890 ms
64 bytes from 8.8.8.8: icmp_seq=9 ttl=55 time=23.536 ms

–- 8.8.8.8 ping statistics ---
10 packets transmitted, 7 packets received, 30.0% packet loss
round-trip min/avg/max/stddev = 22.890/23.193/23.536/0.230 ms

And when I ping 192.168.2.2 (pfsense LAN address) from a PC on the LAN it is flawless with zero dropped packets

and as far as the Logs go on Pfsense the only thing I see happening around the time everything goes awry is

Feb 15 12:49:15 check_reload_status: updating dyndns WAN_DHCP
Feb 15 12:49:15 check_reload_status: Restarting ipsec tunnels
Feb 15 12:49:15 check_reload_status: Restarting OpenVPN tunnels/interfaces
Feb 15 12:49:15 check_reload_status: Reloading filter

Gateway Log
Feb 15 12:51:09 apinger: ALARM: WAN_DHCP(Public IP) *** loss ***
Feb 15 12:52:40 apinger: alarm canceled: WAN_DHCP(Public IP) *** loss ***
Feb 15 12:55:57 apinger: ALARM: WAN_DHCP(Public ip) *** loss ***

Other than that nothing that I can tell stands out

KOM

30% packet loss is pretty crappy. You can disable the gateway monitoring and that may help with the gateway errors in the log but that 30% is nasty. Were you pinging from the pfSense interface when you got that 30% loss or from a LAN client? I assume you're running 2.2.6?

dcl66

Ok if the errors for gateway monitoring aren't doing any damage Ill leave them alone But I am running 2.2.6 64bit and when I was getting the 30% loss it was via Pfsense.

And yeah the dropped packets make it a pain.

dcl66

Now I dont know if this is a good or bad thing but I started a page by page trial and error just to see what would change and I enabled UPnP and NAT-PMP

and my packet loss for 8.8.8.8 which was north of 20% its back and forth between 10% and I have sustained download speeds but my upload ….....is in a new category of laughable

IMG_0232.PNG_thumb

KOM

Poor upload speeds can be caused by incorrect speed or duplex issues. I've even seen an MTU too high causing such things due to excessive packet fragmentation. Speed tests on a wireless device introduce all kinds of other variables to the mix, so you might want to stay with a wired connection for that. Have you tried a different network cable between pfSense WAN and the Uverse? You also might want to check with your ISP about that packet loss. Your poor connectivity might be due to a bad WAN NIC or line issues.

dcl66

I will try another cable and check the MTU setting to see if that helps

But the only thing is this issue with the speed taking a nosedive happened after I put Pfsense into the equation before 15down 2 up was the norm. but back to the drawing board

And, KOM man i cant thank you enough for all the you have offered so far!!