For up-to-date information and comments, search the EE Community or start a new topic. |
29-04-2021 10:26 PM
I've been trying to get our new 5GEE WIFI box (the small box, not the "outside" box) working with pfSense, primarily as a backup connection at the office.
However, I can't get traffic to go over the connection or more accurately, I can ping over it, but the moment I try to load a web page, I end up with a connection reset error.
I suspect its a double Nat issue. If I connect the box direct to the lan switch then everyone can connect fine and WIFI connections work fine, its just if I go through the pfSense box when I get the issue.
Has anyone got one of these boxes to work with pfSense?
29-04-2021 10:58 PM
Is it possible to switch off the 5G and set for 4G Only and retest.
Or do the same but this time set the Router for 3G only and retest
22-05-2021 03:26 PM - edited 22-05-2021 03:27 PM
Have you configured the pfsense WAN interface for DHCP and does it receive an IP address in the subnet of the 5GEE Wifi box? Presumably you've connected the pfsense WAN port to a switch port of the 5GEE Wifi box (assuming it has such a free port, otherwise you may be accessing over Wifi)?
Edit: apologies for re-opening an old thread. I just posted in here and wrongly thought it was reasonably fresh. 😂
22-05-2021 06:52 PM
@mikeliuk : There's no DHCP on the WAN side.. DHCP is on the LAN.
22-05-2021 07:13 PM - edited 22-05-2021 07:25 PM
I use triple-NAT much to the amusement of my colleagues so double-NAT is definitely fine. You just need to set the WAN interface to DHCP per the below reference.
https://docs.netgate.com/pfsense/en/latest/interfaces/configure-ipv4.html
Edit: I agree that longer term you might switch WAN to a static address but for the purposes of debugging, there's nothing simpler than to set to DHCP. Bridging the second level router seems to make no sense to me as you want pfsense to act as a firewall or gateway so anything other than NAT seems to be a more advanced configuration to be tried after daisy-chained double-NAT is confirmed to work.
22-05-2021 07:22 PM - edited 22-05-2021 07:23 PM
@mikeliuk : OIC! DHCP is being used as a code for a dynamic public IP, having been produced by the DHCP situated at the IP addy provider network.
22-05-2021 07:30 PM - edited 22-05-2021 07:32 PM
I'm not actually sure what is configured on the WAN facing the service provider but if the user just wants to daisy-chain a pfsense box off the service router, DHCP on pfsense WAN is simplest way to do it.
As far as I can tell, it's the same way Android hotspots work where they take a DHCP lease from the router on that subnet and give out DHCP leases on another non-clashing subnet.
Edit: obviously when we typically join a WiFi or other Ethernet network, we obtain an IP address automatically by DHCP. We could set a static one instead.