Re: [pfSense] Wireless Issues
On Mon, Sep 26, 2011 at 1:01 AM, Chris Buechler c...@pfsense.org wrote: That is the problem. Delete one of the bridges and add all the interfaces to the other, and you'll be back to the behavior you had in 1.2.3. http://redmine.pfsense.org/issues/1903 Done and done, wireless is now fixed. Was I the first one to report this as a bug though? if I had realized it was an actual bug, I would have made the report myself lol. -- Chris Brennan A: Yes. Q: Are you sure? A: Because it reverses the logical flow of conversation. Q: Why is top posting frowned upon? http://xkcd.com/84/ | http://xkcd.com/149/ | http://xkcd.com/549/ GPG: D5B20C0C (6741 8EE4 6C7D 11FB 8DA8 9E4A EECD 9A84 D5B2 0C0C) ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Wireless Issues
On Mon, Sep 26, 2011 at 1:43 AM, wayne abroue plet...@gmail.com wrote: To add to this mystery, Could u tell us whats on opt1? And why is it bridged with LAN? I couldn't afford a new 16-port switch, so I am using OPT1 and LAN for 2 8-port switches which I already posses. -- Chris Brennan A: Yes. Q: Are you sure? A: Because it reverses the logical flow of conversation. Q: Why is top posting frowned upon? http://xkcd.com/84/ | http://xkcd.com/149/ | http://xkcd.com/549/ GPG: D5B20C0C (6741 8EE4 6C7D 11FB 8DA8 9E4A EECD 9A84 D5B2 0C0C) ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Wireless Issues
On Mon, 2011-09-26 at 10:53 -0400, Chris Brennan wrote: On Mon, Sep 26, 2011 at 1:43 AM, wayne abroue plet...@gmail.com wrote: To add to this mystery, Could u tell us whats on opt1? And why is it bridged with LAN? I couldn't afford a new 16-port switch, so I am using OPT1 and LAN for 2 8-port switches which I already posses. -- OK, Then just add wireless to that bridge. Wayne A ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Wireless Issues
On Sep 24, 2011, at 11:44 PM, Chris Brennan wrote: On Sun, Sep 25, 2011 at 1:58 AM, Chris Brennan xa...@xaerolimit.net wrote: As far as I know, it is bridged. I was looking around today but I couldn't find any kind of bridging interface in the pfsense GUI. I'm not home right now, but will be shortly, then to bed. I will paste my bridged interfaces from the cmdln and get it to the list. Maybe this is the problem. Yes, it certainly seems that both the LAN and Wireless interfaces should be in the same bridge group. Interfaces-(assign)-Bridges ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Wireless Issues
On Sun, Sep 25, 2011 at 2:57 AM, Chris L c...@viptalk.net wrote: Yes, it certainly seems that both the LAN and Wireless interfaces should be in the same bridge group. Interfaces-(assign)-Bridges According to that location, the web interface says bridge1 is WLAN and LAN... http://i.imgur.com/BlOFz.png ... maybe pfSense-2.0 didn't correctly upgrade/convert what ever it did and I need to recreate it? -- Chris Brennan A: Yes. Q: Are you sure? A: Because it reverses the logical flow of conversation. Q: Why is top posting frowned upon? http://xkcd.com/84/ | http://xkcd.com/149/ | http://xkcd.com/549/ GPG: D5B20C0C (6741 8EE4 6C7D 11FB 8DA8 9E4A EECD 9A84 D5B2 0C0C) ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Wireless Issues
On Sun, Sep 25, 2011 at 3:30 PM, Chris L c...@viptalk.net wrote: It doesn't make sense to me to have the LAN interface in two different bridge groups. If you want LAN, WLAN, and OPT1 in the same bridge, why not put them in one bridge? I've been asking myself that very same question now. I had always questioned why I had two bridge interfaces and couldn't figure out why I only had one in pfS-1.2.3, so I'm left with the conclusion that the upgrade process did something it shouldn't have. I will go ahead and move it all into one bridge, would this solve my issues of not being able to connect to my wireless though? That is still the larger issue here. -- Chris Brennan A: Yes. Q: Are you sure? A: Because it reverses the logical flow of conversation. Q: Why is top posting frowned upon? http://xkcd.com/84/ | http://xkcd.com/149/ | http://xkcd.com/549/ GPG: D5B20C0C (6741 8EE4 6C7D 11FB 8DA8 9E4A EECD 9A84 D5B2 0C0C) ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Wireless Issues
On Sep 25, 2011, at 12:48 PM, Chris Brennan wrote: On Sun, Sep 25, 2011 at 3:30 PM, Chris L c...@viptalk.net wrote: It doesn't make sense to me to have the LAN interface in two different bridge groups. If you want LAN, WLAN, and OPT1 in the same bridge, why not put them in one bridge? I've been asking myself that very same question now. I had always questioned why I had two bridge interfaces and couldn't figure out why I only had one in pfS-1.2.3, so I'm left with the conclusion that the upgrade process did something it shouldn't have. I will go ahead and move it all into one bridge, would this solve my issues of not being able to connect to my wireless though? That is still the larger issue here. I don't know. If it were me I'd delete and rebuild the bridge interfaces. If your config is otherwise simple, I might just default the whole thing and reconfigure from scratch. ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Wireless Issues
On Sun, Sep 25, 2011 at 5:06 PM, Chris L c...@viptalk.net wrote: I don't know. If it were me I'd delete and rebuild the bridge interfaces. If your config is otherwise simple, I might just default the whole thing and reconfigure from scratch. NEAT! Problem solved. I added opt1, LAN and WLAN to bridge0 and deleted bride1 and it resolved itself. Wireless is now working again. But there is still the unresolved mystery of why pfSense-2.0 created two and split them the way it did. Most curious! -- Chris Brennan A: Yes. Q: Are you sure? A: Because it reverses the logical flow of conversation. Q: Why is top posting frowned upon? http://xkcd.com/84/ | http://xkcd.com/149/ | http://xkcd.com/549/ GPG: D5B20C0C (6741 8EE4 6C7D 11FB 8DA8 9E4A EECD 9A84 D5B2 0C0C) ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Wireless Issues
On Sun, Sep 25, 2011 at 3:26 PM, Chris Brennan xa...@xaerolimit.net wrote: On Sun, Sep 25, 2011 at 2:57 AM, Chris L c...@viptalk.net wrote: Yes, it certainly seems that both the LAN and Wireless interfaces should be in the same bridge group. Interfaces-(assign)-Bridges According to that location, the web interface says bridge1 is WLAN and LAN... http://i.imgur.com/BlOFz.png ... maybe pfSense-2.0 didn't correctly upgrade/convert what ever it did and I need to recreate it? That is the problem. Delete one of the bridges and add all the interfaces to the other, and you'll be back to the behavior you had in 1.2.3. http://redmine.pfsense.org/issues/1903 ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Wireless Issues
On Sun, Sep 25, 2011 at 9:26 PM, Chris Brennan xa...@xaerolimit.net wrote: On Sun, Sep 25, 2011 at 2:57 AM, Chris L c...@viptalk.net wrote: Yes, it certainly seems that both the LAN and Wireless interfaces should be in the same bridge group. Interfaces-(assign)-Bridges According to that location, the web interface says bridge1 is WLAN and LAN... http://i.imgur.com/BlOFz.png ... maybe pfSense-2.0 didn't correctly upgrade/convert what ever it did and I need to recreate it? To add to this mystery, Could u tell us whats on opt1? And why is it bridged with LAN? Wayne A ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Wireless Issues
did u put a firewall rule to allow traffic on this interface ? 2011/9/24 Chris Brennan xa...@xaerolimit.net I've got pfSense 2.0 running and for the wired side of my LAN, it works fine. The problem is my Wireless LAN. I can associate just fine, but none of my wireless devices (Blu-Ray Player, Sony TV, iPod, Android Phone) cannot browse to the internet and I cannot figure out why. I could certainly use some guidance here as to why. P.S. I'm still new to pfSense in general and 2.0 specifically, so please, be kind to me :D -- Chris Brennan A: Yes. Q: Are you sure? A: Because it reverses the logical flow of conversation. Q: Why is top posting frowned upon? http://xkcd.com/84/ | http://xkcd.com/149/ | http://xkcd.com/549/ GPG: D5B20C0C (6741 8EE4 6C7D 11FB 8DA8 9E4A EECD 9A84 D5B2 0C0C) ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list -- Alexandre ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Wireless Issues
On Sep 23, 2011, at 11:45 PM, Chris Brennan wrote: I've got pfSense 2.0 running and for the wired side of my LAN, it works fine. The problem is my Wireless LAN. I can associate just fine, but none of my wireless devices (Blu-Ray Player, Sony TV, iPod, Android Phone) cannot browse to the internet and I cannot figure out why. I could certainly use some guidance here as to why. Umm. On the wireless clients, check: Assigned addresses Assigned netmask Assigned default gateway Assigned DNS servers There's not much more to it. P.S. I'm still new to pfSense in general and 2.0 specifically, so please, be kind to me :D -- Chris Brennan A: Yes. Q: Are you sure? A: Because it reverses the logical flow of conversation. Q: Why is top posting frowned upon? http://xkcd.com/84/ | http://xkcd.com/149/ | http://xkcd.com/549/ GPG: D5B20C0C (6741 8EE4 6C7D 11FB 8DA8 9E4A EECD 9A84 D5B2 0C0C) ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Wireless Issues
On Sat, Sep 24, 2011 at 2:52 AM, Alexandre Paradis alexandre.para...@gmail.com wrote: did u put a firewall rule to allow traffic on this interface ? Yes, this was an upgrade, it was working fine in pfSense-1.2.3 and when I upgraded, it stopped working and that's what I can't figure out. Why and how to correct it. -- Chris Brennan A: Yes. Q: Are you sure? A: Because it reverses the logical flow of conversation. Q: Why is top posting frowned upon? http://xkcd.com/84/ | http://xkcd.com/149/ | http://xkcd.com/549/ GPG: D5B20C0C (6741 8EE4 6C7D 11FB 8DA8 9E4A EECD 9A84 D5B2 0C0C) ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Wireless Issues
On Sat, Sep 24, 2011 at 2:52 AM, Chris L c...@viptalk.net wrote: Umm. On the wireless clients, check: Assigned addresses Assigned netmask Assigned default gateway Assigned DNS servers There's not much more to it. Yes, all the clients are assigned IP's via DHCP, so that wouldn't matter anyway. I've double-checked and even triple-checked all my defaults. My clients get an IP in the right range, they are given the right gateway and DNS servers, they just can't go anywhere. -- Chris Brennan A: Yes. Q: Are you sure? A: Because it reverses the logical flow of conversation. Q: Why is top posting frowned upon? http://xkcd.com/84/ | http://xkcd.com/149/ | http://xkcd.com/549/ GPG: D5B20C0C (6741 8EE4 6C7D 11FB 8DA8 9E4A EECD 9A84 D5B2 0C0C) ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Wireless Issues
With my setup, i had to add a rule to allow DNS (53) IPv4 UDPWLAN net*192.168.6.153 (DNS)*none But i still have some issue ... at least web browsing is working. 2011/9/24 Chris Brennan xa...@xaerolimit.net On Sat, Sep 24, 2011 at 2:52 AM, Alexandre Paradis alexandre.para...@gmail.com wrote: did u put a firewall rule to allow traffic on this interface ? Yes, this was an upgrade, it was working fine in pfSense-1.2.3 and when I upgraded, it stopped working and that's what I can't figure out. Why and how to correct it. -- Chris Brennan A: Yes. Q: Are you sure? A: Because it reverses the logical flow of conversation. Q: Why is top posting frowned upon? http://xkcd.com/84/ | http://xkcd.com/149/ | http://xkcd.com/549/ GPG: D5B20C0C (6741 8EE4 6C7D 11FB 8DA8 9E4A EECD 9A84 D5B2 0C0C) ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list -- Alexandre ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Wireless Issues
On Sat, Sep 24, 2011 at 3:12 AM, Alexandre Paradis alexandre.para...@gmail.com wrote: With my setup, i had to add a rule to allow DNS (53) IPv4 UDP WLAN net * 192.168.6.1 53 (DNS) * none But i still have some issue ... at least web browsing is working. No such luck, no change. I have a blanket rule to let everything out right now as a test and that didn't work either -- Chris Brennan A: Yes. Q: Are you sure? A: Because it reverses the logical flow of conversation. Q: Why is top posting frowned upon? http://xkcd.com/84/ | http://xkcd.com/149/ | http://xkcd.com/549/ GPG: D5B20C0C (6741 8EE4 6C7D 11FB 8DA8 9E4A EECD 9A84 D5B2 0C0C) ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Wireless Issues
On Sep 24, 2011, at 12:07 AM, Chris Brennan wrote: On Sat, Sep 24, 2011 at 2:52 AM, Chris L c...@viptalk.net wrote: Umm. On the wireless clients, check: Assigned addresses Assigned netmask Assigned default gateway Assigned DNS servers There's not much more to it. Yes, all the clients are assigned IP's via DHCP, so that wouldn't matter anyway. It matters if they're given wrong info. I've double-checked and even triple-checked all my defaults. My clients get an IP in the right range, they are given the right gateway and DNS servers, they just can't go anywhere. Is this an access point on your wired LAN pfSense interface or a wireless device built into your pfSense device? ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Wireless Issues
On Sat, Sep 24, 2011 at 3:34 AM, Chris L c...@viptalk.net wrote: Yes, all the clients are assigned IP's via DHCP, so that wouldn't matter anyway. It matters if they're given wrong info. I've double-checked and even triple-checked all my defaults. My clients get an IP in the right range, they are given the right gateway and DNS servers, they just can't go anywhere. I've checked their DHCP assignments, they are getting the right info, I can navigate *within* the LAN just fine (wirelessly), I just can't leave it (again, wirelessly). Is this an access point on your wired LAN pfSense interface or a wireless device built into your pfSense device? I will answer both Chris's at once here with a quick breakdown of my Wireless settings: The device is a Netgate 2D13 Firewall, with an alix board and an ath-related card. LIke I said, it was working, I had to swap boards for the exact same one, and then I upgraded the device, but it was working prior to the upgrade. General Setup: Enable: checked Description: Wireless Type: DHCP MAC Address: blank MTU: blank MSS: blank Speed Duplex: unmodified DHCP Client Configuration: Hostname: blank Alias IP address: blank Common Wireless Configuration: Standard: 802.11g 802.11g OFDM Protection Mode: off Transmit Power: 99 Channel: Auto Antenna settings: Default/Default/Default Distance Setting: blank Regulatory Settings: (these would be US related though if changed) Domain: blank County: blank Location: blank Network-specific wireless configuration: Mode: Acess Point SSID: The Realm Allow intra-BSS Com: unchecked Enable WME: unchecked Enable Hide SSID: unchecked WEP: unchecked WPA: checked PSK: My WPA/WPA2 key WPA Mode: Both WPA Key management Mode: Pre-Shared Key Authentication: OSA WPA Pairwise: AES Key Rotation: 9000 Master Key Regen: Strict Key Regeneration: unchecked Enable IEEE802.1X Auth: unchecked 802.1X Authentication Roaming Preauth: unchecked Private Networks: Block private networks: unchecked Block bogo networks: unchecked -- Chris Brennan A: Yes. Q: Are you sure? A: Because it reverses the logical flow of conversation. Q: Why is top posting frowned upon? http://xkcd.com/84/ | http://xkcd.com/149/ | http://xkcd.com/549/ GPG: D5B20C0C (6741 8EE4 6C7D 11FB 8DA8 9E4A EECD 9A84 D5B2 0C0C) ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Wireless Issues
On Sep 24, 2011, at 8:22 AM, Chris Brennan wrote: On Sat, Sep 24, 2011 at 3:34 AM, Chris L c...@viptalk.net wrote: Yes, all the clients are assigned IP's via DHCP, so that wouldn't matter anyway. It matters if they're given wrong info. I've double-checked and even triple-checked all my defaults. My clients get an IP in the right range, they are given the right gateway and DNS servers, they just can't go anywhere. I've checked their DHCP assignments, they are getting the right info, I can navigate *within* the LAN just fine (wirelessly), I just can't leave it (again, wirelessly). Does that include being able to access the pfSense interface? Can you ping it and bring up the admin interface in a web browser (using the IP address) If so, then you can stop looking at the wireless config and focus on your firewall rules for the wireless interface. You haven't stated what can't go anywhere and inability to leave the WLAN really means. Are they unable to resolve DNS? Can they ping outside using just IP addresses? Anything useful being logged in the firewall? ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Wireless Issues
On Sat, Sep 24, 2011 at 4:31 PM, Chris L c...@viptalk.net wrote: On Sep 24, 2011, at 8:22 AM, Chris Brennan wrote: On Sat, Sep 24, 2011 at 3:34 AM, Chris L c...@viptalk.net wrote: Yes, all the clients are assigned IP's via DHCP, so that wouldn't matter anyway. It matters if they're given wrong info. I've double-checked and even triple-checked all my defaults. My clients get an IP in the right range, they are given the right gateway and DNS servers, they just can't go anywhere. I've checked their DHCP assignments, they are getting the right info, I can navigate *within* the LAN just fine (wirelessly), I just can't leave it (again, wirelessly). Does that include being able to access the pfSense interface? Can you ping it and bring up the admin interface in a web browser (using the IP address) Yes, sorta. I plugged https://192.168.0.1 into my android phone's browser and I got the security certificate warning and then was presented with ddwrt ... then I went wtf!?! I forgot, my old linksys running ddwrt was still running and it never occurred to me to unplug it. If so, then you can stop looking at the wireless config and focus on your firewall rules for the wireless interface. You haven't stated what can't go anywhere and inability to leave the WLAN really means. Are they unable to resolve DNS? Can they ping outside using just IP addresses? Anything useful being logged in the firewall? So now that the interferring linksys has been shut down, I checked my iPod and android phone, both get ip's in the 169.254.40.0 range (not the 192.168.0.0 range of my LAN). I tried assigning a manual IP to my iPod and I was unable to navigate the LAN at all. When I go to Services - DHCP Server I get the following warning at the top. ** *The DHCP Server can only be enabled on interfaces configured with static IP addresses. Only interfaces configured with a static IP will be shown. * ** I'm not sure if this applies to me or not and why my devices are not getting a wireless IP in the proper range (192.168.0.200-192.168.0.245) and I see no WAN tab under this message, just LAN. Incidentally, when I reboot, I see the following: pfSense is now shutting down ... pflog0: promiscuous mode disabled Waiting (max 60 seconds) for system process `vnlru' to stop...done Waiting (max 60 seconds) for system process `bufdaemon' to stop...done Waiting (max 60 seconds) for system process `syncer' to stop... Syncing disks, vnodes remaining...0 0 done All buffers synced. Uptime: 5d8h11m58s Rebooting... © 'ÛKûù§ÿûÚ 6ÿÚ÷²óÿú³:óÚ Þó²Ûé§Ö` S_lmmϸ·ïüÿÿ 1 FreeBSD 2 FreeBSD Boot: 2 ... boot msgs Configuring WIRELESS interface...wlan0: changing name to 'ath0_wlan0' -- what's this and why? I don't remember seeing this before... -- Chris Brennan A: Yes. Q: Are you sure? A: Because it reverses the logical flow of conversation. Q: Why is top posting frowned upon? http://xkcd.com/84/ | http://xkcd.com/149/ | http://xkcd.com/549/ GPG: D5B20C0C (6741 8EE4 6C7D 11FB 8DA8 9E4A EECD 9A84 D5B2 0C0C) ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Wireless Issues
On Sat, Sep 24, 2011 at 4:31 PM, Chris L c...@viptalk.net wrote: On Sep 24, 2011, at 8:22 AM, Chris Brennan wrote: On Sat, Sep 24, 2011 at 3:34 AM, Chris L c...@viptalk.net wrote: Yes, all the clients are assigned IP's via DHCP, so that wouldn't matter anyway. It matters if they're given wrong info. I've double-checked and even triple-checked all my defaults. My clients get an IP in the right range, they are given the right gateway and DNS servers, they just can't go anywhere. I've checked their DHCP assignments, they are getting the right info, I can navigate *within* the LAN just fine (wirelessly), I just can't leave it (again, wirelessly). Does that include being able to access the pfSense interface? Can you ping it and bring up the admin interface in a web browser (using the IP address) If so, then you can stop looking at the wireless config and focus on your firewall rules for the wireless interface. You haven't stated what can't go anywhere and inability to leave the WLAN really means. Are they unable to resolve DNS? Can they ping outside using just IP addresses? Anything useful being logged in the firewall? ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list Oh and here is a screenshot of my Wireless firewall settings - http://i.imgur.com/wFgnn.png, If more information is needed, please, let me know and I will provide it. -- Chris Brennan A: Yes. Q: Are you sure? A: Because it reverses the logical flow of conversation. Q: Why is top posting frowned upon? http://xkcd.com/84/ | http://xkcd.com/149/ | http://xkcd.com/549/ GPG: D5B20C0C (6741 8EE4 6C7D 11FB 8DA8 9E4A EECD 9A84 D5B2 0C0C) ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Wireless Issues
On Sep 24, 2011, at 5:29 PM, Chris Brennan wrote: Oh and here is a screenshot of my Wireless firewall settings - http://i.imgur.com/wFgnn.png, If more information is needed, please, let me know and I will provide it. Are you trying to use the same IP network on the Wireless interface as on the LAN interface? If so, you probably want to simply bridge the Wireless interface with the LAN interface and it'll just pick up the LAN characteristics, DHCP server, firewall rules, etc. And it'll be in the same broadcast domain as the LAN network, much like if you connected a separate access point to the LAN network. If not, then you probably want your firewall rules on the Wireless interface to allow traffic from Wireless Net not LAN Net because they're going to have to be different, routed IP networks. Chris ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
