Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Finding pfSense on WAN, using Zeroconf

    Scheduled Pinned Locked Moved pfSense Packages
    2 Posts 2 Posters 431 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • cmcqueenC
      cmcqueen
      last edited by

      I have a pfSense on my LAN, for the purpose of running a test network sub-network. So the pfSense WAN is connected to my LAN, and the test devices are on a pfSense LAN.

      I access the pfSense web config via its WAN interface (on my LAN). The pfSense WAN is getting an address via DHCP.

      So my question is, how can I find the pfSense address? Can I use the avahi package to make it advertise its web server with DNS-SD, and have a .local hostname on its WAN interface?

      GertjanG 1 Reply Last reply Reply Quote 0
      • GertjanG
        Gertjan @cmcqueen
        last edited by

        @cmcqueen said in Finding pfSense on WAN, using Zeroconf:

        I access the pfSense web config via its WAN interface (on my LAN

        Not a good test test set up.
        You should bring a collection of devices, if not all of them, - your "test environment" - and hook them all up to a LAN on pfSense. Then test that LAN segment - and pfSense. You'll be having a router-after-router setup which is for outgoing (== Internet) traffic completely transparent.

        Making WAN accessible is not part of real set up.
        The exception might be : testing a NAT rule (while IPv4 lasts).

        "Zeroconf" (whatever it actually is) needs ports to be open and/or redirected to some LAN (pfSense) based device with a running service that implements Zeroconf. That will normally never be the case as you do not want the Internet to "Zeroconf" your installation.

        Keep in mind that pfSense is a firewall and router : nothing from a WAN perspective can be seen. Shut down the firewall part, define routes on your main LAN's router (the one that hands out a WAN IP to pfSense) and set up pfSEnse as a basic router.

        @cmcqueen said in Finding pfSense on WAN, using Zeroconf:

        how can I find the pfSense address?

        If the initial LAN works well, the DHCP (client) request made by pfSense to the upstream ISP router registers it's DNS name 'pfsense' into the upstream LAN DNS (your ISP router). So, as soon as it is powered on, you could use it's name :

        cb2465ae-5965-4e8c-9f83-e2045b3c61a7-image.png

        Typically, when you type

        ping pfsense

        on a PC on the ISP LAn, it (the ISP router) would resolve 'pfsense' to pfSense's IP first, and then starts to ping to this IP.
        But nothing will happen ... no reply.
        You have to add a firewall rule on the pfSense WAN interface so it can actually receive these ICMP requests - and thus reply.

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.