10/25/2019 Pfsense Vtnet0 No Ip
After a few day searching by myself I decided to ask for help here. I've setup a proxmox on a dedicated OVH server with a failover IP. Reading this from my phone, so please forgive me if I've missed something.With pfSense on Proxmox, you need to go into the pfSense advanced settings, and disable all three of the NIC hardware offload features, otherwise, this can prevent the forwarding of traffic between interfaces.(Edit)Here's the location of the settings:System - Advanced - NetworkingCheck the boxes to disable:. Hardware Checksum Offloading. Hardware TCP Segmentation Offloading.
Having issues with my pfsense router/firewall. When it’s up and running, it’s fine. If I lose power or have to cold boot it’s a pain to get going again. It fails to get an IP from my modem. In the pfsense dashboard I see “n/a” where I should have an IP on the WAN interface. Sometimes I’ll see 0.0.0.0. Part 3 (Installing pfSense. You’re here!) First boot. At the firewall’s first boot, we need to set up the bare minimum for accessing the web interface, where the configuration will be finalised. VLANs do not need setting up at this time. Assign vtnet0 (or em0) as the WAN interface. Set the IP address to your first failover IP address (ex.
Hardware Large Receive Offloading. Can the VM ping pfSense? If yes, is pfSense set up to NAT the LAN addresses to the WAN address?The VM isn't technically failing to ping google.com in the screenshot, it's failing to resolve google.com to an IP address, which implies it's not communicating with it's DNS server (which is not local). The DNS server is known by it's IP address rather than domain name. Assuming you cannot ping the IP address of the DNS server (which is likely, given you are unable to resolve domain names), that would indicate that the VM is unable to send traffic outside of it's local network. This would indicate that either the VM cannot communicate with the default gateway (pfSense), or the default gateway is unable to route traffic between the two networks for one reason or another.
Given that your routes appear to be correct based on what I know, that would make NAT a likely candidate if the VM can in fact ping pfSense. OVH should have given you the IP information. I am assuming you're masking the true addresses (which is a good thing), so it's hard to know what they should be.
If the actual addresses really are 1.2.3.4 and 5.6.7.8. That's a problem.
The only explanation I could come up with for that setup is that they're handing out addresses from a. /5, if my brain is working properly. Which would quite possibly be one of the dumbest things I've ever heard of on the Internet.If we can assume that both of the addresses are really in the same subnet, along with the default gateway. Make sure pfSense is using the correct physical/virtual interfaces, and check your NAT. Checking the ACL/firewall wouldn't be a bad idea, since Will653241 mentioned it.
Having issues with my pfsense router/firewall. When it’s up and running, it’s fine. If I lose power or have to cold boot it’s a pain to get going again.
It fails to get an IP from my modem. In the pfsense dashboard I see “n/a” where I should have an IP on the WAN interface. Sometimes I’ll see 0.0.0.0.Ive already made a thread on and got some good advice but none of it seemed to really solve my issue.Here are my hardware specifications.Modem: Motorola Arris Sb6141Pfsense system:Asus p9di motherboardXeon E3 1240L v3Onboard dual I210AT NICs2x 4gb ecc memorySome random Toshiba 120gb ssdMy isp is Comcast fwiw.I have tried rebooting the Arris modem many, many times. So many power cycles. The modem manual suggests resetting factory defaults.
Strangely the reset factory defaults button is nowhere to be found in the modems interface at 192.168.100.1. So I just keep power cycling.Ive tried every permutation of booting pfsense box first, then modem. Modem then pfsense. Boot the modem and wait 15mins then pfsense. I’ve tried it all.
The most successful seems to be pfsense box first, so it gets through bios and then the modem. I have all uefi network capabilities disabled. Pxe boot is disabled. So I really don’t think the bios is interfering with the modem/router handshake but maybe I’m wrong. Each nic interface has its own Mac obviously. But the bios also has its own separate Mac address, which shouldnt matter if all the uefi networking is disabled.
So there’s 3 mac addresses for two ports Maybe the modem is seeing that Mac address first?I just did a fresh install of pfsense and the WAN interface is blank when looking at the monitor on the pfsense system. The web gui dashboard shows 0.0.0.0. Ej24:I noticed my public ipv4 address from the modem hasn’t changed in probably a year.
Could I just set wan ipv4 to static?The reason this happens is because the DHCP server knows about your lease. Leases usually last anywhere from several hours to a few days. If your device drops off the network in the middle of this lease and comes back, the DHCP server will reassign the same IP address, because the lease is already there. It’s super convenient.
If your device is online at the end of the DHCP lease and requests a new lease, the DHCP server assigns the same IP address. It’s also super convenient.However, if your device is not requesting a new IP address by the time the lease expires, the DHCP server is going to forget about that lease entirely, and that IP address will open up for someone else to grab.So, if you set your IP address manually, your pfSense box will not request a new IP address, and the DHCP server will think that IP is just fine to dish out to someone else. Hilarity ensues.Back to the original problem. For funsies you might put in a firewall rule that allows communication on the WAN interface, UDP port 68. You should tell the WAN interface to reject leases from 192.168.100.1. That is what that field is for.You pretty much never want to obtain that sort of address from a cable modem service. You always want to obtain the public address or nothing+keep trying.Set that (Reject leases from 192.168.100.1), unplug the cable modem from WAN, reboot the cable modem, plug it back in.
No reason to restart or reboot pfSense.If that does not work you will probably need to run a packet capture on the WAN interface for port 67 and see what’s really happening out there. I know I know. Thread Necro. But my comments are very pertinent to this particular situation.I experienced the same exact issue this morning.
I also have a similar setup including Comcast, Arris 6141, pfsense box (not exactly the same hardware.)I have had this issue for years now and no matter what pfSense version I’m using, it appears to occur on my box after power loss to both pieces of hardware. Now I unfortunately don’t know what is actually causing the issue, however, these are the steps I took to get back up and running:. Powerdown and disconnect pfSense box from power. Disconnect Arris Modem from power and.disconnect the Ethernet cord from the back of the unit. (.Disconnecting the ethernet cable seems to be the key here.). Reconnect pfSense to power and boot all the way to the options console. (No WAN IP listed at this point).
Connect power cable to modem and allow to boot all the way until you have Green, Blue, Blue, Green Solid LEDS from Top to bottom. Finally, plug in the ethernet that attaches to your router into the back of the modem and wait for a few seconds to see the last LED (pulse wave logo) on the modem illuminate and start blinking blue. Refresh the pfSense console by just pressing enter with no options input.Did you get a WAN IP?
Comments are closed.
|
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |