Opt1 No internet access
-
But who made the nic, what motherboard??
That is not a real mac address, and don't understand why it would be such odd setting.
from an ipconfig /all what does it show?
example
Description . . . . . . . . . . . : Broadcom NetLink (TM) Gigabit Ethernet
Physical Address. . . . . . . . . : 18-03-73-B1-0D-D3I can lookup 180373
That it shows such an odd mac does not bode well for being up to standards, etc.
Guessing MSI ?
https://forum-en.msi.com/index.php?topic=266441.0You really should fix that… Here is another thread that says they have multiple machines with the same mac.. Yeah putting more than 1 device with the same mac is going to make those devices not freaking work.
https://forum-en.msi.com/index.php?topic=134964.0So for all we know the mac of pfsense opt1 interface has that same mac if your using the same hardware, etc.. What are the mac of the pfsense interfaces.. You can find them with a ifconfig Or look under status/ interfaces on the gui.
I've attached the ipconfig all and the interfaces screen. I believe the interfaces all have correct mac addresses and nothing out of the norm. The motherboard is a MSI Z77-GD55. I will follow those instructions for the motherboard and see if I can get that fixed. As far as I can tell it's the only one that has that, it's also the only MSI product I have.
-
Check your BIOS settings, some BIOSes allow setting of the MAC address of the integrated NIC to whatever you desire.
-
@kpa:
Check your BIOS settings, some BIOSes allow setting of the MAC address of the integrated NIC to whatever you desire.
Unfortunately no go on that one - it actually says the factory mac address is the 88:88:88 etc in there. It looks like the link - https://forum-en.msi.com/index.php?topic=266441.0 - johnpoz posted has a tutorial from MSI on how to fix that. I don't have any conflicting mac's though so that shouldn't be my issue and this computer works fine on LAN1. I'll definitely get it fixed tonight though, headed to a wedding in a moment so I can't play with it right now.
-
So where you pinging when you sniffed… I don't see any pings..
But what I see is you asked pfsense for some dns query, and looks like you got an answer
4:31:20.307208 IP 10.194.51.101.56315 > 10.194.51.1.53: UDP, length 31
14:31:20.403587 IP 10.194.51.1.53 > 10.194.51.101.56315: UDP, length 217And I see your client sending lots of other requests, but nothing going out the wan to those IPs.
Get a running ping going with -t
ping 8.8.8.8 -t
Then sniff on wan, with full details for ICMP and only your IP address that .101 machine that your having problems with.
You should get something like attached. You will want to validate that your machine is actually sending to pfsense correct mac.. And with that ping still running run a sniff on wan, put in the 8.8.8.8 for host.. Do you see any pings going out?? If not then pfsense is not sending them or sending out some other interface.
Your other option is to open up 2 ssh connections to pfsense and get your sniffs going with tcpdump and then get your ping going..
So see my second screen pic. So I run tcpdmp not resolve -n, interface -i mylanint host 8.8.8.8
In the other connection I run same command but with my wan interface. You will notice this is how it would look in working connection.. I send a ping to 8.8.8.8, pfsense sees it on its lan. Then a few some microseconds later you see that go out my wan, but from my wan IP..
-
Johnpoz,
I may have done this incorrectly but when I did it set on WAN I got zero results in there. Screen just came up blank for packets captured. I did change the interface to opt1 and was able to get results while the ping was going. I've attached that screenshot.
Also if it matters at all when I switch the ethernet cable on this rig from the opt1 interface back to my lan1 network this computer has zero issues so I don't think it's a problem with that if we are looking into that at all.
Thanks again and let me know if I need to change something with the test.
-
Ok so pfsense is seeing the ping.. But for some reason it isn't going anywhere, or atleast not out the wan. Maybe its sending it somewhere else? My guess is it want to send it out your PIA interface, but no nat for that, etc.
What is the routes on pfsense? And you could sniff on that interface to see if the pings our going out that way.
-
Ok so I did the packet capture on the PIA interface and the openvpnclient and both came back with results when the ping was going. I'm not completely sure but I'm guessing because that is happening something is routing the 10.194.51.1 through the VPN somehow which is not what I want, I just want this one to be clear internet. The 10.194.50.1 is the VPN and it has been working fine for a few weeks. I've attached those screen shots as well as the routes. I've made no changes to the routes so maybe that is causing me issues?
-
Looks like you grabbed the routes from you vpn connection.. see that 0.0.0.0/1 route – on your vpn client connection disable grabbing your routes
-
Johnpoz that fixed it. I appreciate all the back and forth and working with me. Thanks again.
-
NP glad you got it sorted.