• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Which settings, in pfSense, could alter default blocking of inbound WAN connections?

Scheduled Pinned Locked Moved Firewalling
6 Posts 3 Posters 739 Views 3 Watching
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • ? Offline
    A Former User
    last edited by Nov 15, 2021, 9:34 PM

    I know, by default, pfSense blocks inbound WAN connections but what I'm trying to understand is what pfSense settings could/would alter this default behavior?

    I know the following sections of settings would, but are there any other settings I'm overlooking?
    -Floating rules
    -WAN rules
    -NAT port forwarding

    Thanks

    V S 2 Replies Last reply Nov 15, 2021, 10:31 PM Reply Quote 0
    • V Offline
      viragomann @Guest
      last edited by Nov 15, 2021, 10:31 PM

      @mcd3rpy said in Which settings, in pfSense, could alter default blocking of inbound WAN connections?:

      I know, by default, pfSense blocks inbound WAN connections but what I'm trying to understand is what pfSense settings could/would alter this default behavior?

      What do you think could be the alternative behavior?

      Allowing anything? To where?

      ? 1 Reply Last reply Nov 15, 2021, 10:45 PM Reply Quote 0
      • ? Offline
        A Former User @viragomann
        last edited by Nov 15, 2021, 10:45 PM

        @viragomann Just trying to learn what settings to avoid, so the default "block inbound WAN connections" don't get altered. I suspect the following sections could , but I'm wanting to make sure I'm not overlooking anything else.

        • Floating Rules
        • Wan Firewall Rules
        • NAT port forwarding
        V 1 Reply Last reply Nov 15, 2021, 10:52 PM Reply Quote 0
        • V Offline
          viragomann @Guest
          last edited by Nov 15, 2021, 10:52 PM

          @mcd3rpy
          Yes, you can allow anything with rules, but you have to state a destination in the rule, otherwise it is pretty useless on a firewall in router mode.

          1 Reply Last reply Reply Quote 0
          • S Offline
            SteveITS Rebel Alliance @Guest
            last edited by Nov 15, 2021, 11:06 PM

            @mcd3rpy On each interface, the blocks under "Reserved Networks" at the bottom (RFC1918, bogon).

            Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
            When upgrading, allow 10-15 minutes to reboot, or more depending on packages, and device or disk speed.
            Upvote 👍 helpful posts!

            ? 1 Reply Last reply Nov 15, 2021, 11:49 PM Reply Quote 0
            • ? Offline
              A Former User @SteveITS
              last edited by Nov 15, 2021, 11:49 PM

              @steveits Ahh, I see. Thank you for the answer. Much appreciated!

              1 Reply Last reply Reply Quote 0
              6 out of 6
              • First post
                6/6
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                This community forum collects and processes your personal information.
                consent.not_received