In step 6 when you sniffed, do you see arp being asked for. You need to figure out why you can not arp. And there you go - this would prevent pinging, this would prevent from sending traffic to it to get to the internet, etc. PFsense doesnt have Comcast modemrouter - ding ding ding. Can not ping an IP if can not arp for it. Gateway being set has nothing to do with talking to an IP on a network pfsense directly connected to.Īgain why - there are rules (hidden) that allow pfsense to do really anything it wants outbound. Huh? Pfsense would use the interface connected to a network to ping an IP on said network.
If your router is handing out dhcp to pfsense wan - why would you think changing it would have anything to do with the problem? Has nothing to do with you pinging something outbound - is your router trying to ping pfsense?Īlso pointless, as this is again unsolicited inbound traffic - is your router trying to ping pfsense? Help is super appreciated! I can provide whatever info upon request and not afraid to tear this down and redo if need Rules are inbound only, unsolicited traffic.
Have googled a ton, but not seeing anything to fix in terms of this Double NAT setup. Have been scratching my head for days and not sure what to do besides maybe reinstall Pfsense. Comcast modemrouter has ARP entry for PFsense but PFsense doesnt have Comcast modemrouter
Checking ARP table of Comcast modemrouter and Pfsense.Checking System>Firewall logs and Packet Capture(not seeing any ICMP traffic besides RA advertisements when Im pinging to test.Disabling packet filtering (disabling firewall and NAT).Made sure System>routing>gateways is set to WAN int to go to Comcast router LAN IP.Tried different IPs assigned to WAN interface like IP on comcast internal network, IPs not on it.Unchecked "block private networks" and "block bogon networks" on Pfsense WAN interface.Created a firewall rule to allow ICMP any source any destination on Pfsense WAN interface.I cannot ping from Pfsense WAN interface to my Comcast modemrouter LAN interface. I'm trying to setup a homelab and I know in general double NAT is bad, but I'm just trying to setup a temporary network that I'll ultimately be taking down and replacing the Comcast modemrouter with my Pfsense. First time using Pfsense and first time ever messing with anything other than Packet Tracer- so apologies.
0 kommentar(er)
