pfSense Forum

pfSense English Support => Virtualization installations and techniques => Topic started by: kjzero on December 05, 2017, 09:04:27 pm

Title: pfsense LAN connectivity issues
Post by: kjzero on December 05, 2017, 09:04:27 pm
Hello,

I have pfsense installed on a Xen hypervisor with two NICs. On pfsense LAN network, from a client, I can ping pfsense LAN IP, pfsense WAN IP, Gateway IP, 8.8.8.8, and www.google.com.

I can view pfsense's web interface on both WAN/LAN IPs from the client inside the LAN.

I cannot bring up any other web pages.

I am right now allowing all traffic through from both the LAN and WAN.

I do not know what is causing this issue
Title: Re: pfsense LAN connectivity issues
Post by: KOM on December 06, 2017, 10:27:33 am
Blocks upstream, like a cache or something else?

Quote
I am right now allowing all traffic through from both the LAN and WAN.

Sounds scary to me.  You normally don't let ANYTHING inbound on WAN except port forwards, for example.

Post your network details for WAN, LAN, and the firewall rules for both.  Remove or obfuscate any public IP references such as your WAN IP.
Title: pfsense LAN connectivity issues
Post by: kjzero on December 06, 2017, 12:49:24 pm
The WAN interface is not facing the internet. It is splitting my internal network in two right now.
Title: Re: pfsense LAN connectivity issues
Post by: KOM on December 06, 2017, 01:15:06 pm
Get rid of that Bogon rule on LAN.  LAN is almost always a private network, so blocking them is counterproductive.  Also get rid of that Allow Any rule on WAN.  The port forwards to your Wordpress box are fine.

You should also be aware that since your WAN is also private network space, the Block Bogons rule is going to interfere with anything trying to reach your WP server via port forward.
Title: Re: pfsense LAN connectivity issues
Post by: Derelict on December 06, 2017, 01:20:02 pm
Might be this:

https://forum.pfsense.org/index.php?topic=88467.msg512128#msg512128

An unfortunate but necessary step to using PV NICs on Xen/XenServer.

Alternately you can use hw.xen.disable_pv_nics=1 in /boot/loader.conf.local and reassign your interfaces to the reX NICs.

(Moving thread to Virtualization)
Title: pfsense LAN connectivity issues
Post by: kjzero on December 07, 2017, 09:51:36 am
Derelict your Xen NIC step seems to have fixed the issue. It looks like it is working perfectly now, thank you.


Thank you as well KOM for you assistance.