
So I've moved my Pi-hole onto a new dedicated VLAN and have temporarily set up an allow all rule on the interface. I've created more rules that only allow specific movement of traffic based on what made sense to me. I'll actually be surprised if the proposed rules I've set are correct! Sorry, still learning all this! ;)

 


Also, what should the NAT Redirect rule look like now? Previously there was an invert match on LAN only. Should I leave it like that? I basically want Pi-hole to handle DNS for my primary LAN only. Other networks are using Cloudflare.

By the way, my original problem has now gone away completely. Turns out I was having that issue because I changed something somewhere. No idea what though! A fresh setup of pfSense, and all is well again! :)

Where are those rules?

You have an any any rule at the top? Any other rules below that mean nothing. And rules are placed on the interface where traffic would enter pfSense. If you want to allow LAN to your Pi-hole VLAN then the rule would be on your LAN interface, not your Pi-hole interface.

Yes, your port forward would be on your LAN interface, and sure, !lan address still works.

Rules are evaluated on the interface where traffic enters pfSense from the network the interface is attached to. First rule to trigger wins, no other rules are evaluated.

I created these rules on the new Pi-hole interface. Yes, I did make the any to any rule but that was meant to be temporary. Unless that is the only rule required? I created the other rules thinking it could be locked down for specific movement of traffic. Wanted you to vet them before I enabled! I already have a LAN to any rule (the default one). And yes, do know that rules are evaluated from the top. :)

 

Cool, so will change the NAT Redirect rule accordingly!

 

Thanks BudMan for all your help! :happy::beer:

Well, if that is on your Pi-hole interface then the dest pihole net is never ever going to be used, since the interface would never see such traffic.

Oh ok. So I'll delete them and only keep one Allow to Any rule on the interface then. And of course the NAT Redirect rule.

Well, you can for sure lock it down if you don't want the Pi-hole VLAN to create traffic to your LAN, but since it's really just a VLAN to allow for the redirections of the DNS I wouldn't think there are any security concerns.
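
The evaluation behaviour discussed in this thread (rules apply on the interface where traffic enters, and the first match wins), as an added example that is not from any poster and is not pfSense code. It is a small Python model that flags rules which can never match; the addresses, rule lists and function names are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass
class Rule:
    action: str                  # "pass" or "block"
    src: str                     # CIDR or "any"
    dst: str                     # CIDR or "any"
    dport: Optional[int] = None  # None matches any destination port

def _match(net: str, ip: str) -> bool:
    return net == "any" or ipaddress.ip_address(ip) in ipaddress.ip_network(net)

def evaluate(rules, src_ip, dst_ip, dport):
    """First matching rule wins; nothing matched means default deny."""
    for i, r in enumerate(rules):
        if _match(r.src, src_ip) and _match(r.dst, dst_ip) and r.dport in (None, dport):
            return i, r.action
    return None, "block"

def dead_rules(iface_net, rules):
    """Rules that cannot match traffic entering on the interface attached to iface_net.
    Simplification: packets addressed to the firewall's own address are ignored."""
    own, dead, catch_all = ipaddress.ip_network(iface_net), {}, False
    for i, r in enumerate(rules):
        if catch_all:
            dead[i] = "shadowed by an earlier any-to-any rule"
        elif r.dst != "any" and ipaddress.ip_network(r.dst).subnet_of(own):
            dead[i] = "destination is this interface's own network"
        if (r.src, r.dst, r.dport) == ("any", "any", None):
            catch_all = True
    return dead

# Constructed sample addressing (not from the thread)
LAN_NET, PIHOLE_NET, PIHOLE_IP = "192.168.1.0/24", "192.168.50.0/24", "192.168.50.2"

# Rules as first placed on the Pi-hole interface: temporary allow-all on top
PIHOLE_IF = [Rule("pass", "any", "any"),
             Rule("pass", LAN_NET, PIHOLE_NET, 53)]
# Where the LAN-to-Pi-hole rule belongs: on the LAN interface
LAN_IF = [Rule("pass", LAN_NET, PIHOLE_IP + "/32", 53),
          Rule("pass", LAN_NET, "any")]

if __name__ == "__main__":
    print(dead_rules(PIHOLE_NET, PIHOLE_IF))
    print(evaluate(LAN_IF, "192.168.1.10", PIHOLE_IP, 53))
```

Removing the allow-all rule does not rescue the second rule on the Pi-hole interface: it is still flagged, because host-to-host traffic inside the Pi-hole network never passes through the firewall.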
