Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    How do you configure pfSense to connect its WAN port to a %G hotspot

    Scheduled Pinned Locked Moved Firewalling
    bogonhotspotfirewall rules
    5 Posts 2 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      munson
      last edited by

      When my internet service goes down, I would like to connect my Wan Port to my Hotspot as a temporary backup. My hotspot provides a Bogon ip address (example 192.168.x.x). I did not change any firewall rules, except for unblocking bogon networks on the WAN interface. I could not evening ping my hotspot. Any suggestions to get this working, for example what rules do I need to unblock?

      Thanks

      S 1 Reply Last reply Reply Quote 0
      • S
        SteveITS Galactic Empire @munson
        last edited by

        @munson Bogons are public IPs not assigned to anyone. 192.168.0.0/16 is a private address space for use on LANs.

        It should work just fine to use a private IP on WAN. Is that private WAN subnet different than your LAN subnet? Meaning both can't be 192.168.1.0/24, or pfSense won't know where to route packets.

        You shouldn't even need to unblock private IPs on WAN. The default LAN-to-any allow rule would allow pinging to the hotspot's LAN IP and the reply (note: it has to be configured to respond to pings) would pass back because pfSense knows it is a reply due to the open connection state.

        Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
        When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
        Upvote ๐Ÿ‘ helpful posts!

        M 2 Replies Last reply Reply Quote 0
        • M
          munson @SteveITS
          last edited by

          @steveits
          Thanks for you quick response. My internal networks are 192.168.193.x, and 192.168.195.x and my hotspot provides an ip 192.168.2.x. to the pfsense WAN port. I see the WAN IP assignment in pfSense but I cannot access any resource on the internet through pfSense from internal device.

          When I connect a single device directly to my hotspot, I have no problem accessing any resource on the internet.

          My thought is I don't have pfSense properly configured. (BTW when pfSense works perfectly when connect directly to internet.)

          Any clarification would be appreciated.

          Eric

          S 1 Reply Last reply Reply Quote 0
          • S
            SteveITS Galactic Empire @munson
            last edited by

            @munson said in How do you configure pfSense to connect its WAN port to a %G hotspot:

            I cannot access any resource on the internet through pfSense

            When you say this, do you also mean pinging by IP (8.8.8.8) to rule out a DNS issue? What does a traceroute show?

            Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
            When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
            Upvote ๐Ÿ‘ helpful posts!

            1 Reply Last reply Reply Quote 0
            • M
              munson @SteveITS
              last edited by

              @steveits Thanks again. I will try it one more time. My hot spot has a different subnet than the internal networks. It seems really strange that I can't ping my hot spot from either on of my internal networks.

              Thanks

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.