WAN Compromised or Down Email Notifications


  • Is it possible to get email notification/alarm notifications when the WAN monitor pings are above latency thresholds for x milliseconds, or packet losses are above threshold? There are times when the WAN is suboptimal and times when it is flat down. It would be helpful if PFSense would notify me when these events occur.

    Thank you,
    Jerold


  • Is such a notification not easily possible in PFSense? I can use a third party app to send me WAN pinger updates daily, but I just really want to know when it is down for more than an hour as there may be an ISP credit in it for me when it does go down and I am not home. Thank you, Jerold


  • Hi,

    Sending a mail when your WAN is down ? That will always be an issue.

    I advise you to test 'from the outside' using a VPS or bigger. edit : some offer this as a service : testing if your host ( == your pfSense) is up.
    Tools like these can even when you when your connection goes bad.


  • @Gertjan If it queues the message and sends when WAN is back up, that would be fine. I don't need real time notification, just a notification that it occurred.


  • @Gertjan said in WAN Compromised or Down Email Notifications:

    I advise you to test 'from the outside' using a VPS or bigger. edit : some offer this as a service : testing if your host ( == your pfSense) is up.
    Tools like these can even when you when your connection goes bad.

    To use such tools, would I have to open any ports, or would it be as simple as checking a dynamic dns name that would resolve to my public IP?


  • Having the WAN ICMP reply to ping requests, by add a firewall rulle on WAN that actually accepts ping requests.

    @jpvonhemel said in WAN Compromised or Down Email Notifications:

    as simple as checking a dynamic dns name that would resolve to my public IP?

    That's what I'm using seeing : when my pfSense WAN NIC goes down, and comes up again, this will trigger the DynDNS "service", and that one can send a mail, even if the IP did not change.


  • It seems I would have to open ICMP to be able to monitor from the outside. That feels like it would show I exist and make me a target. It doesn’t feel like a good idea, or am I worrying about nothing.


  • @jpvonhemel sorry, I was responding on top of you.


  • Hello!

    Options for notifications, like the Email Reports package for gateway events and script support, have been discussed here :

    https://forum.netgate.com/topic/155063/notification-on-events?_=1600390142279

    My understanding is that pfsense is not an mta, and while is has its own form of "queueing", it will not send notifications if it cannot reach your smtp relay.

    My preference is to setup a pi along side pfsense as a support server to run things like an mta (postfix, exim, ...), local monitoring (nagios, icinga, ...), and other things that I dont want to burden pfsense with even though it might be able to handle them (squid, nmap, ...). YMMV.

    John