WAN with STATIC IP not working, fine with DHCP?
-
Hello, I am struggling to get this figured out…
I have pfsense running on proxmox. I have 3 nics passed through. I installed pfsense 2.2.6.
My ISP assigned me a static IPv4 address, which was working fine with a dd-wrt router, but it isn't working with the pfsense VM...
I started trying to get this to work yesterday, no success.
This morning first thing I did was to start a packet capture on the WAN interface, with the static IP configured.
I was seeing ping replies from the gateway, NTP responses, and DNS responses all destined for my static IP. It only worked briefly. Now when I start a packet capture with DHCP on the wan interface, I get normal traffic in the capture. I switch to static IP and I see 0 packets with my static IP as destination. I've tried pinging sourcing from the LAN and WAN side of pfsense. pfsense is connected directly to the cable modem provided by the ISP.
I'm stumped!!! Currently (with static wan) the only traffic I see in the capture aside from ARP broadcasts are TCP retransmissions destined for the DHCP address if I start the capture while WAN is configured to DHCP, then switch to static during the capture.
RESOLVED: Problem was I had the network interfaces file in Proxmox configured as inet static for the virtual bridges I was using for pfsense. Even though they matched the static IPs I set in the PFSense VM, it was not working correctly.
-
And did you reboot your cable modem when you changed the device connected to its MAC??
So your pfsense vm nic mac is going to be different than your dd-wrt router was.. When ever you change the mac of something connect to your cable modem your going to want to restart it.
-
I tried power cycling the modem 3-4x and also spoofing the Mac of the ddwrt router. I'm trying to learn more about networking but I'm totally confused by this issue… Especially because I was seeing traffic on the first pcap I did.
-
And what mac was that traffic going to too?
So pfsense is working with dhcp… What IP address does it get, is it in the same netblock as what your static was?? I would suggest you call your isp to validate what your setting should be, and if they have it tied to any specific mac, etc..
Or its quite possible your just setting up pfsense wrong - make sure you have the correct mask on your IP you set... the drop down default to /32 which is not going to be correct. And you have correct gateway setup.. And since your not dhcp you will have to setup your gateway... Which is in a different location than your interface settings. System, Routing, Gateways
You will also want to make sure your outbound nat setup correctly if you did anything funky in there before..
-
Completely different DHCP assigned IP, all settings are correct on my end as far as numbers go…
Gateway is correct.I was getting ping responses from the gateway, and NTP from another server, and DNS from the ISP DNS, with WAN as static, but only momentarily.
-
An ISP tech came out here but he of course had no idea what the problem was… verified the WAN worked with a TPlink router set to the static IP.
I'm going crazy trying to figure out what is wrong. I reinstalled pfsense, my last attempt the WAN connection worked for about a minute after turning off the modem, setting the IP to static on pfsense, then plugging the modem in.
Currently spoofing the MAC of a Cisco router. On a machine on the LAN I had a continuous ping of 8.8.8.8 running. I ran a packet capture on the pfSense WAN interface during this whole process until I lost connectivity. I saw TCP application data, DNS response, ping replies, NTP exchanges, ARP broadcasts and replies, etc. Everything working fine. 40s into the capture it stops behaving and it shows nothing but DNS queries, ARP broadcasts from the ISP Router, ping requests, some TCP retransmissions...
Right before I stopped getting ping responses for the gateway it ARPed for the static ip 5 times, once every ~30ms. pfsense responded immediately to each arp with the spoofed MAC as it did earlier in the capture. For the next 2 seconds I got 2 ping replies and then nothing. :'( :'(
