Return to

Pfsense cant see internet behind adsl/router

Hi I am a noob when it comes setting up pfsense or networks and trying to learn. but i can't find much info on running pfsense behind a router that gives me a clear setup.
Running pfsense 2.3 on an old PC with 1 Wan and 1LAN port. Wan Port to the ADSL Router (not plugged into the its WAN port) like this:
ADSL modem/router >>>>> pfsense pc/dhcp >>>> Switch >>>> PCs

when i 1st connected everything on a fresh install it all just worked, all the PCs behind pfsense could see the internet. now i dont know what ive done and a fresh reinstall has not helped. i can get the PCs behind pfsense to see a DNS. sigh

Can you bridge your dsl modem?

1 Like

I just had a problem with this on my box, did you try going through the Setup Wizard again? It fixed the issue for me both times it happened after I changed hardware.

i would think you could its a billion 7800vdox but the interface is a pain!

yes i have. I seams PCs cant get the DNS. the thing is i can ping ips on the net and on the network fine from the web GUI. its there some rule i have to have to say pass on net traffic to the network?

The default pfSense rules on the LAN interface are to allow outgoing traffic, but deny unsolicited incoming traffic.

Are you sure that you have both DHCP working correctly and DNS servers configured?

lol no im not sure

You have to tell pfSense which DNS server(s) to use. Use for testing purposes.

The way that this info is conveyed to the hosts, is by DHCP, at the same time that the IP address is handed out.

EDIT: After you make these types of changes, you'll need to either provoke the host into requesting a new lease, or you'll have to go into pfSense and terminate the current lease.

I've frequently recommended this series of vids. I think that you'll find them to be helpful.

ok so i have & set for DNS
on my Configure WAN Interface:
Type set to DHCP?
Do i disable Block RFC1918 Private Networks? because the WAN ip will be a local from the connected router 192.168.1.*?

Edit: Yes im up to part 5.1 in those. the Network crash course one has been very helpful

Yeah, have your WAN interface draw an IP address from your DSL router, via DHCP.

Do not uncheck "Block Private Networks," or "Block Bogon Networks."

In the same way that your pfSense box gets an IP address from your router, your hosts will get an IP address from your pfSense box, via DHCP. So, go to the "Services" tab and configure DHCP for your LAN interface. Choose a subnet that is different than the one being used by your DSL router. So long as you wish to hand out the default DNS servers that you configured in the "System" tab, you won't have to re-type your preferred DNS servers here.

If I understand correctly, that'll work. The DSL is handing out, so you need a different subnet on your LAN interface. works just fine.

So, for example, you can use for your LAN interface IP. On your LAN DHCP config, you can hand out for the subnet. for the mask and through for the available DHCP address range. That way if you have any servers, switches, access points, etc., that need a static address, you can configure them in the through range.

this is what i dont get, this is how i kind of had it set up before. but i used the for the subnet on the DSL router and for PFS. From my understanding this keeps the networks separate? (which is what i want)
thanks for your help I will give this ago and come back with the results.

That works too. Just so long as the two networks are different, you're good.

1 Like

Worked a treat! thanks dont know what i did :frowning: because i have it set the same i wonder if i didnt unplug the the pc long enough to get the DHCP to kick in? how do I terminate the current DHCP lease? via the console?

Probably easier for you to go to the Windows terminal and type:

ipconfig /release

and then

ipconfig /renew


It is old topic but some guys still have problems.
I had this problem on Intel quad port card and resolve it with disabling WOL (Wake on LAN) on all Ethernet ports. If you don’t know terminal commands you can put your card in windows machine and in properties disable three WOL settings. I think there is three and one is disabled by default, but disable all WOLs.

Nope. First time when you loose connection or power it will not get IP address. You can try unplug modem and plug it in and will see no address. Disable WOL (wake on LAN) on Ethernet adapter and you will be fine.

Reset your router and then check your IP.