pfSense Gold Subscription

Author Topic: pfSense 2.2 not passing traffic, but ping does get through  (Read 15220 times)

0 Members and 1 Guest are viewing this topic.

Offline yaplej

  • Newbie
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
Re: pfSense 2.2 not passing traffic, but ping does get through
« Reply #15 on: May 02, 2015, 11:39:35 pm »
I just ran into this issue too.  I have been beating my brain to figure out what the issue was.  Once I switched the vNICs to e1000 everything worked.

Offline tier3

  • Newbie
  • *
  • Posts: 5
  • Karma: +0/-0
    • View Profile
Re: pfSense 2.2 not passing traffic, but ping does get through
« Reply #16 on: September 08, 2015, 12:37:44 pm »
how to change vNICs to e1000 in xenserver 6.5

Offline mdima

  • Sr. Member
  • ****
  • Posts: 399
  • Karma: +0/-0
    • View Profile
Re: pfSense 2.2 not passing traffic, but ping does get through
« Reply #17 on: October 20, 2015, 08:44:16 am »
Hello,
 I am running in the same problem just, it is not a Virtual Machine, just a normal HP server with 4 Intel NICs...

I already disabled the Hardware checksum offload, and disabled "fast IP forwarding", but on one of my server (the primary) after a reboot this happens... :S

Thanks,
Michele

Offline RK57

  • Newbie
  • *
  • Posts: 3
  • Karma: +0/-0
    • View Profile
Re: pfSense 2.2 not passing traffic, but ping does get through
« Reply #18 on: November 27, 2015, 03:46:28 am »
facing a similar issue since few days, have read almost every thread on this topic but couldn't make it work yet..!

My network setup is as follows

ISP modem to rl0 ie wan on pfsense , lan re0 to my switch box .

everything was fine until last two days suddenly pfsense stopped giving access to the internet,, tried almost everything known but no success,, finally reconfigured the pfsense NO SUCCESS still.

mine is a static IP connection ,
I am able to ping anything and everything from the pfsense ping host using ip address aswell as the host-names, However i am not able to ping through the client using HOST-NAMES only IP address works and thats what i think is the problem,,

ANY HELP would be heartily appreciated.. ! thanks in advance..

Offline KOM

  • Hero Member
  • *****
  • Posts: 5412
  • Karma: +674/-19
    • View Profile
Re: pfSense 2.2 not passing traffic, but ping does get through
« Reply #19 on: November 27, 2015, 07:52:59 am »
Quote
i am not able to ping through the client using HOST-NAMES only IP address works

Sounds like a DNS issue.  Check your client DNS settings and work up from there.  What is DNS for your network? pfSense?

Offline RK57

  • Newbie
  • *
  • Posts: 3
  • Karma: +0/-0
    • View Profile
Re: pfSense 2.2 not passing traffic, but ping does get through
« Reply #20 on: November 27, 2015, 10:46:04 pm »
Thanks for the reply KOM.

my dns addresses are as follows : pref dns; 103.29.249.245
                                                   alt dns :8.8.8.8

Also if i configure the same settings in my  DLINK DIR 600 ROUTER ie if i bypass the pfsense everything seems to work perfect. , my clients systems are on DHCP and refer to the pfsense LAN ip ie 192.168.0.1 as the gateway and the DNS server,
« Last Edit: November 27, 2015, 10:58:32 pm by RK57 »

Offline gjaltemba

  • Sr. Member
  • ****
  • Posts: 332
  • Karma: +24/-2
    • View Profile
Re: pfSense 2.2 not passing traffic, but ping does get through
« Reply #21 on: November 28, 2015, 07:28:43 am »
I had the same problem as described in op with Xen and pfSense. The first sticky post in this forum describes the problem and a workaround. In the end, I had to turn off just the checksum offload on my private network using ethtool.

IMPORTANT: Xen/KVM networking will not work on 2.2 using default hypervisor settings!
https://forum.pfsense.org/index.php?topic=88467.0

Offline EddDeDuck

  • Newbie
  • *
  • Posts: 1
  • Karma: +1/-0
    • View Profile
Re: pfSense 2.2 not passing traffic, but ping does get through
« Reply #22 on: September 21, 2016, 04:11:54 pm »
I had this same problem with ProxmoVE. pfSense installed as KVM with "VirtIO" emulator which is default for KVM. WAN bride with eth0 and go out. Local bridge for LAN side of pfSense.

Installed Windows & Ubuntu with VirtIO Driver. When Windows VM was set to go through pfSense I could ping but no internet no TCP/UDP connections at all. Same scenario. After bashing my head on the wall for whole sleepless night trying to resolve this. Finally I decided to setup XenServer instead of Proxmox which runs Xen hypervisor.

Implemented the same setup in XenServer with all default settings. Windows was installed with default Realtek NIC driver. Alverything worked perfectly fine.

When I installed xe-tools which turned Realtek NIC to "Xen Paravirtualized driver" it stopped work with same results as above. When I uninstalled xe-tools it worked again.

Conclusion
From this what I can see is Paravirtualzied drives are causing this issue in both setup. VirtIO in KVM & PV in Xen. With other NIC emulators like e1000 or Realtek it works fine.

I haven't found a solution to get this working with para drivers which will improve the performance.

I wanted to post here to first say a deep and heartfelt THANK YOU for posting this as I spent days trying to work out why all my Linux boxes didn't have internet but my Mac's and Windows machines did. After trying loads of tests and variations I found your thread which was the final clue :)

For the record (and to help people searching with similar issues) I am running pfsense on a Virtualised installation on a QNAP server, it worked great apart from Linux VM's not having internet and the QNAP itself (if sharing a virtualised switch) also lacking internet. If you route the QNAP via a none virtualised ethernet socket then you aren't affected.

Ping worked just fine. When I swapped to the Realtek ethernet emulator everything started working again.

Offline DigitalDaz

  • Newbie
  • *
  • Posts: 6
  • Karma: +0/-0
    • View Profile
Re: pfSense 2.2 not passing traffic, but ping does get through
« Reply #23 on: November 05, 2017, 10:33:19 am »
@Bullz3y3 Your advice on switching to e1000 is as good on the latest version of Proxmox and the latest version of pfsense as it was in 2015, this was driving me insane, thank you!