Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Which settings, in pfSense, could alter default blocking of inbound WAN connections?

    Scheduled Pinned Locked Moved Firewalling
    6 Posts 3 Posters 739 Views 3 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • ? Offline
      A Former User
      last edited by

      I know, by default, pfSense blocks inbound WAN connections but what I'm trying to understand is what pfSense settings could/would alter this default behavior?

      I know the following sections of settings would, but are there any other settings I'm overlooking?
      -Floating rules
      -WAN rules
      -NAT port forwarding

      Thanks

      V S 2 Replies Last reply Reply Quote 0
      • V Offline
        viragomann @Guest
        last edited by

        @mcd3rpy said in Which settings, in pfSense, could alter default blocking of inbound WAN connections?:

        I know, by default, pfSense blocks inbound WAN connections but what I'm trying to understand is what pfSense settings could/would alter this default behavior?

        What do you think could be the alternative behavior?

        Allowing anything? To where?

        ? 1 Reply Last reply Reply Quote 0
        • ? Offline
          A Former User @viragomann
          last edited by

          @viragomann Just trying to learn what settings to avoid, so the default "block inbound WAN connections" don't get altered. I suspect the following sections could , but I'm wanting to make sure I'm not overlooking anything else.

          • Floating Rules
          • Wan Firewall Rules
          • NAT port forwarding
          V 1 Reply Last reply Reply Quote 0
          • V Offline
            viragomann @Guest
            last edited by

            @mcd3rpy
            Yes, you can allow anything with rules, but you have to state a destination in the rule, otherwise it is pretty useless on a firewall in router mode.

            1 Reply Last reply Reply Quote 0
            • S Offline
              SteveITS Rebel Alliance @Guest
              last edited by

              @mcd3rpy On each interface, the blocks under "Reserved Networks" at the bottom (RFC1918, bogon).

              Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
              When upgrading, allow 10-15 minutes to reboot, or more depending on packages, and device or disk speed.
              Upvote 👍 helpful posts!

              ? 1 Reply Last reply Reply Quote 0
              • ? Offline
                A Former User @SteveITS
                last edited by

                @steveits Ahh, I see. Thank you for the answer. Much appreciated!

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.