Unable to ping to/from netgate XG-7100 WAN interface

  • Setting up a new netgate XG-7100, but I'm unable to ping to/from the WAN interface.


    • ASUS AC1300 wi-fi router using CIDR block
      • PC A (IP:
      • netgate XG-7100 (WAN IP:, LAN IP:
        • PC B (IP:

    Pings from PC A to the XG-7100 WAN interface time out, as do pings from the XG-7100 WAN interface to PC A.
    Also, PC B is unable to access the internet, but PC A is able to.

    I configured the XG-7100 to allow RFC1918 traffic and also added a ICMP rule, but this did not resolve the issue:
    Screen Shot 2019-10-15 at 5.29.59 PM.png
    Screen Shot 2019-10-15 at 5.27.40 PM.png

    What did I do wrong? How can I fix this?

    (Note: This is my first pfSense device so please be kind :))

  • LAYER 8 Rebel Alliance

    Internet access from the pfSense LAN side (your PC B) should work just out of the box.
    Post your Interface settings (WAN + LAN) and Firewall Rules (WAN + LAN) here as Screenshots.
    Why the F do you run a /8 network? You have plans to run over 16 million hosts flat there?!


  • Oops, just a typo as I was running out. The ASUS router is using, not :) (Corrected above now.) Sorry for the confusion!

    Requested screenshots below.

    Interface Settings

    • WAN:
    • LAN:

    Firewall Rules

    • WAN:
    • LAN:

    Other Notes

    • XG-7100 ETH1 port is connected to the ASUS router LAN port.
    • XG-7100 ETH2 port is connected to PC B.

  • LAYER 8 Rebel Alliance

    Your WAN subnet mask is wrong.
    Change /32 to /24
    As upstream gateway put in your ASUS AC1300 IP.


  • @Rico Corrected the XG-7100 WAN subnet mask and added the upstream gateway. Now the XG-7100 WAN interface is able to ping PC A and the ASUS router, and PC A can ping the XG-7100 WAN interface, but PC B still cannot access the internet.


    • Changed XG-7100 WAN subnet mask from /32 to /24:

    • Added ASUS AC1300 router as a XG-7100 gateway:

    • XG-7100 WAN interface can ping PC-A now:

    PING ( from 56 data bytes
    64 bytes from icmp_seq=0 ttl=64 time=0.783 ms
    64 bytes from icmp_seq=1 ttl=64 time=0.458 ms
    64 bytes from icmp_seq=2 ttl=64 time=0.414 ms
    --- ping statistics ---
    3 packets transmitted, 3 packets received, 0.0% packet loss
    round-trip min/avg/max/stddev = 0.414/0.552/0.783/0.165 ms
    • XG-7100 WAN interface can ping the router now:

  • Disconnecting the reconnecting PC-B resulted in it being able to access the internet, so all is well now. Thank you for the help, @Rico!

    Also, I just found the guide Troubleshooting Network Connectivity, double-checked the settings, and confirmed the tests work.

  • LAYER 8 Rebel Alliance

    Glad you have it working now.


Log in to reply