Netgate SG-1000 microFirewall

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - dakoellis

Pages: [1]
IPv6 / DHCPv6 not giving out working IP addresses - Wrong Subnet
« on: March 08, 2018, 11:56:15 am »
I'm having the same issue as the person here:

Essentially, if I use SLAAC or Manual Assignment of IPv6 addresses, I have no problem getting IPv6 connectivity.  If I only use DHCPv6 (i.e. managed instead of assisted/unmanaged for RA advertisements) I don't get any IPv6 Connectivity.  my linux desktops show the address as a /128, mac shows as a /64, and windows shows it as preferred, but none of them can actually use the IPv6 Address.  I wasn't really sure what the second comment in that linked thread was trying to explain, so I was hoping someone can help me figure out what is going on.


NAT / Re: Cannot get Public IP on LAN to connect without NAT
« on: November 18, 2015, 12:17:58 pm »
OK you were right, the route wasn't setup correctly :(  Everything is working perfectly now.  Thanks a bunch for your help!

NAT / Re: Cannot get Public IP on LAN to connect without NAT
« on: November 18, 2015, 10:00:07 am »
Then fix that I guess.  Nowhere near enough details to help you.

I'm currently waiting on a reply from the ISP on verifying the route (this was implemented yesterday) but would the forwarding explain why the router would work with NAT enabled but not disabled?  I'm still fairly new to networking and have learned quite a bit through this process.

NAT / Re: Cannot get Public IP on LAN to connect without NAT
« on: November 18, 2015, 09:26:55 am »
OK let me step back a bit.  I have been working on this for a couple of weeks on a subnet that I know is working (and other gateways I've tried work fine with).  I contacted my ISP to get another subnet when I did something that enabled me to see a bunch of the traffic was being blocked due to asymetric routing. 

NAT / Re: Cannot get Public IP on LAN to connect without NAT
« on: November 17, 2015, 06:58:41 pm »
> Are you sure the LAN subnet is routed to the proper IP address on your WAN interface by the ISP?

I'm not 100% positive because I just requested it and haven't gotten it to work, but It works correctly with all other subnets they've done first time.  I did try running a second gateway through another subnet that is currently in production, and it did not work there either, but I believe that was due to asymmetric routing issues due to some of the traffic issues I was getting.  That said, the "Bypass firewall rules for traffic on the same interface" didn't help the situation there.

Rules on WAN have nothing to do with connections originated by your LAN hosts.

Yeah I get that.  Just something I tried after a couple of weeks with no progress

For inbound connections you don't use port forwards. You only use firewall rules passing the appropriate traffic to the appropriate destinations.

I haven't done anything with port forwards, and an allow all any proto any address should be good for the rules correct?

NAT / Cannot get Public IP on LAN to connect without NAT
« on: November 17, 2015, 05:42:27 pm »
Hi All,

I have 2 public IP subnets and I can't get pfsense to work the way I want to with them.  My goal is simply to disable NAT for the LAN side computers.  What everything I've seen says should work is to select Manual Outbound NAT rule generation (AON - Advanced Outbound NAT) and delete all the rules that come up, but when I do that I don't have Internet on any computers on the LAN side.  It works perfectly fine with Automatic NAT enabled, but then I of course have NAT enabled which is not desired.  I also made sure that I have firewall rules to allow all traffic on both the WAN and LAN interfaces.  Lastly I tried disabling the firewall/NAT altogether in System > Advanced > Firewall/NAT, but that didn't work either.

The weird thing to me is that when I check the firewall logs, there doesn't seem to be any traffic coming from the computer I am testing with (and making configuration changes with) to the firewall at all.  I am able to ping google with the LAN port of pfsense, but not with any devices on the LAN, even though the LAN devices can contact the router.  I'm hoping someone can give me some insight into what could possibly be going on because I've been at this for a couple of weeks now and nothing seems to be working.

Pages: [1]