Hi all. Unfortunately I need your help again…
I add a diagram of my network to help me explaing my problem. Since a couple of days I changed isp provider and I switched from FTTC to FTTH technology. I had the same network setup, I just changed the isp modem. The fiber is directly connected to the isp modem through an sfp module. Why since then the two TV (and nothing else) tell me they are not able to connect to the internet? Both receive the IP from DHCP server (pf sense) They randomly work but even when they work I got the message that the TVs are only able to connect to LAN but not to Internet…! Can anybody help? On PFsense I’m running suricata + PFblockerNG devel. All the other device (also the WiFi ones which are connected through an AP at the main managed switch) are working fine…
I’m not an expert but I can at least bounce ideas off of you.
Did you change the interface of the WAN connection on pfsense?
Maybe a firewall rule you have applied is set to the old interface?
Hi thanks,
No I didn’t change any setting… anyway it wouldn’t make sense that all the other devices work without problem anche can browse to the internet. I’m now writing from my phone which is on the same network of the two tv that have problems
Have you tried unplugging the TVs from power for a min or 2 and then reconnecting them to power and to the network to clear any cache.
Yes I did. I left them unplagged the entire night…I don’t know really where to look for to solve this issue?? My previous connection method when I had FTTC was PPPoE now it’s unclear…the isp didn’t give any explanation and they only said the sfp module was registered in order to function (so I can’t change sfp module). Do you think this change of connection method can be the problem or it doesn’t matter… I really don’t know where to look
Why are you running a double NAT? is the modem not capable of of bridge or passthrough mode?
Unfortunately not bridge mode for the isp modem. I can’t remove it because it makes the conversion to normal phone connection which is distributed through the house. The sfp module is also registered with the modem in order to establish the FTTH connection (this is what the isp technician told me)
The pfsense is behind a DMZ address.
On the isp modem I also set a static NAT to the pfsense box
The isp is Vodafone and the modem is “Vodafone Power Station”
Plug the TV’s in directly to the Voda router and see if they work from there. If they do then you know the issue is with pfSense.
If not then it’s something router / ISP related.
Yesterday night I did the 3rd/4th reboot for the vodafone modem, the pfsense box the main managed switch and the unmanaged Switch (I also changed the port on the unmanaged switch) and worked again. I can’t explain! Switching the port doesn’t make either because I had the problem on two different tv that were connected as in the photo… today I hadn’t the chance to see if it’s still working.
I don’t understand…
Sometimes you just have to accept that it just started working. If it continues to work great. If not we can look again.
I‘be just checked…it’s still working on both TVs. Thank you! If it will happen again I’ll write here again…
Here I am again. Since last update I didn’t do anything to the network. Since Monday I’m not able to connect to the internet with the two TVs… rebooting didn’t help this time…
Anybody can help?
I tried with the ping functionality from my pfsense and I get 100% packet los if I try to ping one of the two TVs from the wan side of my pfsense box (but it works from the lan side as expected)
Hi. I’m still here experiencing the same issue. It really never get solved. I did a new test and this may be helpful…
I used my phone as a router, enabled the hotspot feature and connected the tv via WiFi through my phone. They worked immediately. What can it be on my network that is now working properly? What can I do?
Ok, a few things to try.
From a working laptop / PC / Mac on the 192.168.100.0 subnet;
- Can you ping the TV’s by IP address
- Can you ping the pfsense box on the 192.168.100.0 subnet
- Can you ping the managed switch
- Can you ping the un-managed switch
- Can you ping 192.168.10.10
- Can you ping 192.168.10.1
- Can you ping 8.8.8.8
- Can you ping www.google.com
- On pfSense can you ping the managed or unmanaged switch from the LAN
- On pfSense can you ping the managed or unmanaged switch from the WAN
This will set a benchmark for so you know what should work
If you are able to run a ping from the TVs;
- Do you have link lights on the switch ports that the TV’s are connected too?
- Can you ping the pfsense box, managed or unmanaged switch on the 192.168.100.0 subnet.
- Are you able to ping 192.168.10.10 from the TV’s
- Are you able to ping 192.168.10.1 from the TV’s
- Are you able to ping 8.8.8.8 from the TV’s
- Are you able to ping www.google.com from the TV’s
Normally I would not expect you to be able to ping devices on your LAN from the WAN unless you have put a rule into pfSense to allow it.
Hi in order:
1 yes I can ping both TVs from a working computer on thdd ed lan
2 yes I can ping pfsense Box at 192.168.100.0
3 yes I can ping the managed switch
4 no I can’t ping the unmanaged switch because I don’t have the ipaddress…it’s unmanaged
5 yes I can ping 192.168.10.10
6 yes I can ping 192.168.10.1
7 no I can’t ping 8.8.8.8 (from lan side of pfsense I can ping it) but I can ping 8.8.4.4 or 1.1.1.1
8 yes I can ping google.com
9 yes from pfsense lan side I can ping the TVs
10 no from pfsense wan side I can’t ping anything on lan side
About TV
I cannot run ping from TVs
1 yes it has lights status and activity
Update: yes I can ping 8.8.8.8 (PFbockingng was blocking it, I added it to a whitelist and I can now ping it)
If it’s possible to, plug them directly into the router or if direct cabling doesn’t allow then create a vlan for WAN and connect them and the router to that.
Or turn off pfblocker.
I already tried to directly plug the TVs into the ISP modem/router and I still get the same error. If I use my phone as a router for LTE and connect te tv via WiFi to the phone everything works fine…
Does the isp router have wireless and have you tried the TV’s to that wirelessly.
I’m starting to run out of ideas, but I have had problems with an older apple TV and a cable internet connection because the apple TV would not allow any modification of the MTU (manually or automatically) on the wired side. Worked fine on wireless but was terrible on a wired connection. Worked fine on my DSL service but not on cable. You might be having the same issue.
Been a while since I have done it but maybe run a test of the max MTU size;
ping 8.8.8.8 -f -l 1500
reduce 1500 by 10 till it starts working
increase by 1 till it stops
reduce by 1 again (you want the highest number that will work and not fail)
Then I get a bit hazy but I think you need to take 32 off that and set the MTU to that figure (google MTU tuning and I’m sure something will turn up)
Option 2 would be to plug in via a hub or switch that supports port mirriring and grab a packet capture
Option 3 ring the ISP and see what they have to say (probably nothing helpful)
Hi! Thank you for the time you are spending on this and sorry for me not to reply earlier!
The isp modem/router has a built-in WiFi I didn’t tested.
I don’t know how perform the tests regarding the MTU you are suggesting me. But…but…the day you replied here I came back home to try again to investigate as you were saying here but once home I powered up the tv and before doing anything I went to the network settings. I did nothing and it was connected. So I went to the other tv and it was connected as well. Since then up to today I had no problem.
This convinced me more and more that’s something related to my isp. I don’t know how to do with something unpredictable like this…what if happens again? I don’t remember if I said this but I started having this issue since I changed from FTTC (basically it’s an enhanced DSL service) to FTTH
What would I do if the problem will appear again?!!!