Help with PfSense setup, WAN / LAN issues

Hi all,

I’m really hoping you can help as I’m at a bit of a loss.

I’ve built my PfSense box and having all sorts of issues.

Setup is;
BT Internet > Fibre Modem > Ethernet Cable to PfSense Box > LAN > Laptop

System is;
Celeron G5900 and ASRock H410M-HVS.
Also using a 39Y6138 39Y6137 IBM OEM Intel PRO 1000 PT Quad Port PCIE NIC (sorry if that not the right name).

I had a lot of issues with it not auto finding my connections, it was really hit an miss.
I manually assigned the WAN and LAN and that seemed to work.

However,
While I was able to get the WAN connected to the internet, that was lost and showed as down following reboot.
I’m not sure if it just can’t see the port or the Modem?

LAN side seems works fine (can log into the UI from my PC and no issues with it losing the connection on reboot), but unable to connect to the internet.
I was able ping 8.8.8.8 from the Router but not the PC - can’t now since the reboot.

Things I’ve tried:

  • Modem reset
  • Ensured the gateway is set to default.
  • Re-ran the setup wizard
  • Checked the pfsense connectivity trouble shooting guide - no joy.

I’ve attached multiple screenshots of my settings.
To note, I have not done anything in Firewall, that must be the default?

Any help would be greatly appreciated. If there is any more I can supply please shout.
I will be off to bed shortly (UK) so will follow up tomorrow.

First things first, is the gateway <-> pfsense WAN port connected properly? Is it the correct WAN port? Is it lighting up at all?

What are the WAN interface status results? (Status → Interfaces)

This is kind of old, but mentions using VLAN 101 Vigor 2860 VDSL Setup

BT seems to have a bajilion different setups for their 17 different kinds of services. You have fiber going into your house/apartment? And you can physically see the ONT indoors? That is you have their FTTP fiber, and not FTTC (VDSL2) , right?

You set the WAN as a static IP instead of DHCP? Did you include your upstream ISP gateway?

You may need to set Interfaces > WAN : IPv4 Configuration Type to DHCP Then go to Status > System Logs > DHCP and post the logs.

Morning all,
Thanks for the replies, I will try them out later today and report back.

@NZSNIPER
No I don’t believe I set the WAN as static, it was sometimes failing to find the Linkup when selecting which port the WAN was plugged into.
This was during the initial setup on the command line before getting into the web ui.

Just a thought.
I may have read somewhere that PfSense and Realtek adapter don’t get along?
I may be mistaken?
The onboard LAN port on the motherboard is a Realtek RTL8111H, I was using this is the WAN port then using the PCIE intel card for the LAN.

I to have read an article suggesting the same thing, you are not mistaken. Might want to replace the ethernet port on the motherboard with an Intel ethernet card.

I’ll try moving everything over the in Intel NIC that I have in there (the quad port card) and try again this evening.

Yes I have FTTP and successfully uses an ASUS Router for the last year without issue.
So I should have the correct logon details for the connection (PPPoE).

I use to have the same issue with pfsense not able to get the WAN IP. This use to happen occasionally and this happened both with realtek and intel NIC. The temporary fix which ended up being the permanent fix for me was to have a regular switch between the modem and pfsense. I can’t recall but it had something to do with the port on the arris modem.

1 Like

This makes sense. I use to have to reboot my pfSense box often after my ISP does maintenance because it would lose its IP and never get it back, since replacing the Arris gateway for other reasons, I haven’t needed to reboot my router since.

1 Like

Evening all,
So I can confirm that my WAN connection issue is solved by only using the Intel quad NIC (onboard realtek was the issues here it seems)

So LAN is up, WAN is up, but no link between the two.
At least it’s down to one issue!

Let’s see your NAT outbound configuration?

Here you go.

Go to diagnostics > traceroute and enter 8.8.8.8 in hostname then click traceroute blue button and paste the logs here.

Do the same on your laptop cmd tracert 8.8.8.8

Will do later today.

Hi @daveo132, did you know you set up Pfsense in a way to allow a security flaw in the firewall. To fix it, you need to check both checkmarks under reserved networks on the wan setup page.

His gateway is set to a private address in the interfaces screen shot. Still don’t know if it’s a double NAT or not. So that would break the config.

Try tracert 8.8.8.8 on your ISP router too to find your upstream gateway IP.

Thanks both,
Went to reply, got pulled into work issues.

So I’ve made no changes to the setup (from default) other than to add the details of my ISP.
I’ll be able to get some more details off it this afternoon for you.

Are there any other screen shots that would help?

If your ISP is presenting a regular DHCP WAN connection then doing a factory reset or reinstalling pfsense might work. Changing your LAN subnet to something like 10.237.167.254 /24 255.255.255.0 could prevent issues.