Netgate SG-1000 microFirewall

Author Topic: 2.4.2 Install Woes  (Read 551 times)

0 Members and 1 Guest are viewing this topic.

Offline Saxito Pau

  • Newbie
  • *
  • Posts: 6
  • Karma: +1/-0
    • View Profile
2.4.2 Install Woes
« on: December 14, 2017, 04:23:39 pm »
Hi New user here from Trinidad and Tobago

So my issue is with a PfSense install of 2.4.2

History: I started using Pfsense earlier this year. 2.3 on a  Biostar A68I-350 Deluxe ITX board. Internet connection is a cable modem
All was well until the hard drive died, then the board began acting up so I had to  park it up and use a Linksys router in the interim.

Recently got my hands on a used SuperMicro X7SPA-HF motherboard with 2GB RAM for just US$60. I also have a Realtek Ethernet card
To date no success with a 2.4.2 install A least a dozen installs with the main issue being with pinging to and from pfsense/ no internet through pfsense.

To make it simple, assume I am starting from scratch and I guess we isolate along the way.

Intended setup:
em0 - Dedicated IPMI
em1 - LAN
re0 - WAN

Did test install of Windows 7 Pro 64-bit just to be sure all the NICs worked. Driver installs were required for all. All got IPs via DHCP

Wipe, Install PfSense 2.4.2 via USB, Guided disk setup with UFS format
Reboot, set interface as desired. No other settings changed.

I have a laptop connects directly to it via cable, no WAN connection. This runs at this time separate from my usual internet connection

laptop gets IP address via DHCP = success
Ping pfsense from laptop via IP = success
Ping laptop from pfsense via IP= fail
Access pfsense web interface from laptop = success

So I humbly ask, where do we go from here?

Objective: make this router my main router with no issues

Offline Saxito Pau

  • Newbie
  • *
  • Posts: 6
  • Karma: +1/-0
    • View Profile
Re: 2.4.2 Install Woes
« Reply #1 on: December 14, 2017, 08:55:32 pm »
So after a not so good nap, I take another crack:


I decide to change IP address of Pfsense from 192.168.1.1 to 192.168.23.1 <---- corrected a GLARING typo , my bad!
I plug in a cable connected to the switch in my 192.168.1.0 network and wa la! Internet!


laptop gets IP address via DHCP = success
Ping pfsense from laptop via IP = success
Ping laptop from pfsense via IP= fail
Access pfsense web interface from laptop = success
ping internet host from laptop = success
ping internet host from pfsense = success

Why can't I ping a LAN IP from pfsense?  >:( >:( >:(


Next, I decide to connect WAN port of Pfsense directly to cable modem. Reboot pfsense.
Internet works ok through laptop.

In previous tries, I'd then change IP back to 192.168.1.1 and try to go live on my network and no internet. Little reluctant to do so this time.
Maybe leaving the current IP is an option, but then I'd have the change manual IPs set on several devices I have first. Not fun!

« Last Edit: December 14, 2017, 09:25:39 pm by Saxito Pau »

Offline kejianshi

  • Hero Member
  • *****
  • Posts: 4995
  • Karma: +199/-43
  • Debugging...
    • View Profile
Re: 2.4.2 Install Woes
« Reply #2 on: December 14, 2017, 09:12:11 pm »
Try using an entirely different IP range for pfsense and everything on the LAN side.

For instance 192.168.23.0 / 24

Where pfsense gets the 192.168.23.1 IP

DHCP range is say from .50 to .100

and static IPs can be from .2 - .49 or .101 - .254

or just anything like that.  See if it works. 

Offline Saxito Pau

  • Newbie
  • *
  • Posts: 6
  • Karma: +1/-0
    • View Profile
Re: 2.4.2 Install Woes
« Reply #3 on: December 14, 2017, 09:28:43 pm »

For instance 192.168.23.0 / 24


Due to my glaring typo in previous post I failed to convey that this is exactly what i did!! (it been Corrected)

And Yes in testing it works....

Then again, it might be fair to say that as an It guy, you probably shouldn't be using the default IP anyway...

Offline kejianshi

  • Hero Member
  • *****
  • Posts: 4995
  • Karma: +199/-43
  • Debugging...
    • View Profile
Re: 2.4.2 Install Woes
« Reply #4 on: December 14, 2017, 10:41:46 pm »
Now it all makes perfect sense (-:

Its a common problem.  You already did the right thing.

Offline Saxito Pau

  • Newbie
  • *
  • Posts: 6
  • Karma: +1/-0
    • View Profile
Re: 2.4.2 Install Woes
« Reply #5 on: December 15, 2017, 06:11:29 am »
Well I just made a very interesting discovery.

While grumbling over the prospect of changing all the manual IPs to a different subnet, I decided to log in to my FreeNAS server and look at the IPs of all the jails I'd need to change.

Imagine my surprise to find one of the FreeNAS jail/plugin IPs set as "192.168.1.1"

Well THAT could certainly account for why the many attempts to go live with pfsense with the default IP never worked...
I clearly didn't notice the IP address assigned when I created the jail. (and I ignored the cries from FreeNAS console about someone else's mac address trying to take my IP each time I  tried to go live!)

*facepalm and embarrassed*

I immediately deleted the jail. I'll test and confirm when I attempt to go live this evening...

Offline kejianshi

  • Hero Member
  • *****
  • Posts: 4995
  • Karma: +199/-43
  • Debugging...
    • View Profile
Re: 2.4.2 Install Woes
« Reply #6 on: December 15, 2017, 01:10:50 pm »
Yeah - Usually the problem is some other machine trying to grab 192.168.1.1 and making a mess of things. 
I wouldn't have expected it to be a jails problem though.  I will keep it in mind.

Offline Saxito Pau

  • Newbie
  • *
  • Posts: 6
  • Karma: +1/-0
    • View Profile
Re: 2.4.2 Install Woes
« Reply #7 on: December 15, 2017, 04:35:23 pm »
Oh, would you look at that?

Everything works without a hitch! Now to configure my firewall and VPN from scratch (UGH! at having to re-find the guides that I used)

Who'd thunk that a fricking FreeNAS jail would have been the source of a month's worth of woes???

@kejianshi, much thanks for your assistance which guided me to the source of my problem. Beers on me if you ever visit Trinidad.

All that's left is to figure why when I shut down this pfsense PC, I get an annoying continuous beep from the motherboard which only stops by unplugging the power cord. But that's left for another day and possibly another forum. (PSU seem to be a factor)

Offline Saxito Pau

  • Newbie
  • *
  • Posts: 6
  • Karma: +1/-0
    • View Profile
Re: 2.4.2 Install Woes
« Reply #8 on: December 18, 2017, 09:18:36 am »
Ok so not everything.... but I am obligated to post and update.

There was still some issues to be worked out:

I redid pfsense from scratch again this time to a 10.1.1.0/24 subnet

Testing  direct to pc from pfsense works

I go live and change over all those manual IPs.

I note that some devices could get dhcp, while others could and the usual reset ip and reboot devices still wont work, even updated LAN drivers.

At some point I decide to reset the Netgear managed switch (GS724T v2)- all of a sudden the down devices all got IP addresses . WTAF??


It would appear that the secondary culprit was the switch. So subtly messing with dhcp messages between pfsense and my PC!

At least this is my home lab and not some live work environment. I'd be out of a job by now.