[Solved] Another ping problem
-
Your rule order is correct? Move that rule to the very top of the WAN rules. Does it work then?
-
It is now the first firewall rule, and it still wont ping :(
-
It is now the first firewall rule, and it still wont ping :(
On the WAN interface, right? :-)
Another thought: your WAN interface is static, not DHCP?
maybe posting a screen shot of your rules would help.
-
@sai:
On the WAN interface, right? :-)
Sure :)
Another thought: your WAN interface is static, not DHCP?
My WAN interface is DHCP but my IP address is static.
Maybe posting a screen shot of your rules would help.
That may be useful ;)
-
well that should work. You are able to access the pfSense webgui from the outside?
Could you try changing the destination IP address from 'Any' to 'WAN Address'?
This is something that you should do on the rules labeled 'pdSense Interface' also (for security reasons)
It could be that your ISP is blocking ICMP inbound. Do they give you a modem or router ? if yes then try pinging that from the outside and also from your pfSense.
-
@sai:
well that should work. You are able to access the pfSense webgui from the outside?
I can, no problem.
Could you try changing the destination IP address from 'Any' to 'WAN Address'?
Ok … I tried. Did not change anything :(
It could be that your ISP is blocking ICMP inbound. Do they give you a modem or router ? if yes then try pinging that from the outside and also from your pfSense.
I dont think so. When I had IPcop, I had no ping problem, and I tried direct Internet connection and I can ping too.
This situation is very strange.
-
Here is the firewall log :
BLOCKED Nov 27 15:01:21 WAN 62.210.xxx.xxx 82.245.xxx.xxx ICMPAnd the icon says :
@62 BLOCK DROP IN QUICK ALL LABEL "DEFAULT BLOCK ALL JUST TO BE SURE"My firewall rule :
**ICMP 62.210.xxx.xxx * * * ***You may not have an explicit deny rule, but there is a default deny for all rules when they are not explicitly passed. That being said, something is wrong with your current rule that is causing the icmp traffic to not match that rule, and therefore make it all the way down to the implicit deny rule.
I would double check you have the source IP correct. If you do, try opening source to any and see if you get replies. If you do, set that rule to log and see if you've got the source ip correct.
Also, what version of pfsense are you running?
-
pfSense 1.0, I still did not find the time to upgrade. Nevertheless, my problem is solved : I rebooted the box, and now everything works fine … I dont understand but nevermind.
-
Ok, now I get it :
Btw, you should upgrade to 1.0.1. 1.0 had a really annoying bug where rules sometimes were not reloaded.
-
