Netgate 2100 - Initial Setup - Cannot access internet

kra · March 14, 2024, 1:03am

Hi,

I just bought a Netgate 2100 router and this is my first attempt to use pfsense. So, I am a newbie. I watched Lawrence’s youtube video of the initial setup and used the Setup Wizard to do the initial basic configuration. The 2100 router does get the WAN IP address. But the LAN cannot access anything on the WAN side. I cannot ping google.com.
I am using a Windows 11 laptop on the LAN side.

I have attached the screenshot of the 2100 connection status.

Can anyone enlighten me what configuration that I am missing. In the Lawrence’s initial setup video, he is able to ping google.com with just the setup I have.

Thanks for any help you can provide in this regard.

xMAXIMUSx · March 14, 2024, 2:27am

Your wan is using a private address. If you are going to use it like this then you will have to disable private network on the WAN interface.

Interfaces → WAN and disable the following:

Louie1961 · March 14, 2024, 10:36am

What do your firewall rules look like? Do you have a default rule that allows traffic to pass to WAN?

Stormlord · March 14, 2024, 2:10pm

Exact check your Lan Rules, set it too * * * * and thigh it later if needed.
Also on routing you can set de fault gateway to Auto.
Check if you ping 1.1.1.1 or 8.8.8.8, if yess its a DNS problem, you can adjust it in general and or in dhcp server.

kra · March 15, 2024, 4:33am

Thanks everyone for the response. I really appreciate it. Sorry for the late reply due to work.

My issue was what xMAXIMUSx had mentioned in his response. Once I disabled the private network on the WAN interface, I was able to access the internet I’m all good now.

I have one question though. What would constitute a private network? A LAN?

Thanks again!

Paul · March 15, 2024, 8:24am

A private network is any ip address in the RFC1918 range - What is an RFC1918 Address?

These addresses are reserved for internal network use (non internet IP’s)

You have to disable ‘Block private ****’ and ‘block bogon networks’ settings, as you are double natting.

If the wan connection was connected directly to the internet, you enable both options

.

kra · March 22, 2024, 5:10am

Thanks Paul for the information. Usual information as I want to replace my Frontier Fios router with this pfSense+ router.

I wanted to change the LAN subnet before I hooked up the Netgate 2100 to the ISP. In doing so, I messed the LAN config and I had to do factory reset which took so long for me.

Now, I have the same issue… I get the IP address from the ISP. However, I cannot ping 9.9.9.9. There is no communication between the LAN side & the WAN side.

Please find attached the screenshot of my connection status along with LAN & WAN rules.

JVComputers · March 27, 2024, 1:13pm

You don’t need the last rule in the WAN list (TCP, source WAN address, destination LAN Address). And you don’t need the second rule down in the LAN list (source LAN address, destination WAN address). Other than that, be sure you have DNS servers defined under System | General | DNS Servers. Then, go to Diagnostics | Ping and try to ping a web address directly from the pfSense. If that works, pfSense is set up to get online and your workstation should as well, unless you didn’t set up DHCP.