Device behind pfSense LAN (Azure install) can NOT get access to public internet

  • So I thought this would be a fairly simple thing, but I guess Azure network works different then a physical install. So anyway, my setup is fairly simple. I install a pfSense VM on Azure with WAN and LAN.

    WAN is on
    LAN is on

    Windows SERVER 2019 is on (same segment as LAN of pfsnes)

    A UDR (route table) is set on the subnet with next hop to

    Now, pfsense has no problem at all pinging the or have access to internet at all. But WHY IS Windows Server 2019 NOT able to ping nor get access to internet at all??

    I do have "IP forward" turned "ON" on the LAN interface of pfsense. I did a packet capture both at the LAN and WAN interface of pfsense, I DO SEE the packet from the windows server on both of these interface when I try to ping

    So is there something I need to setup more in Azure??

    The funny thing is that I did setup a IPSEC tunnel between this pfsense install and my sonicwall firewall (a physical machine), and I WAS ABLE to ping between the devices at either end of the tunnel. But STILL NO DEVICE behind pfsense LAN interface can ping to ANY PUBLIC IP??

    Any thoughts?

    Any help is GREATELY appreciated!

  • Hi
    I am not using Azure but virtualization over KVM and you could try to disable
    Hardware Checksum Offloading


  • Hello Michael,

    Thank you for the reply but that didn't work. I almost feel this is an Azure/pfsense compatibility issue. So I thought if someone here did get pfsense work on Azure before, maybe they know something simple that needed to be "turned on" in order for this to work?

    Thank you.

  • How did you get pfsense to connect to the internet, I have deployed pfsense in azure, the only way I can ping/get internet access from pfsense is to assign the WAN nic with a public IP

Log in to reply