Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Newbie needs help - basic firewalling

    Scheduled Pinned Locked Moved Firewalling
    6 Posts 3 Posters 3.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F
      fred789
      last edited by

      Hi everyone,
      I've just build my pfSense system and I have some difficulties configurating it.
      setup:

       internet ----> wan ----> lan -----> switch ----> PCs 
      

      I've just switch from a D-Link DFL-200 hardware firewall and I tried to take over the basic firewall rules on the pfSense unit. Unfortunalty to this point I can't even connect to the internet. ;D

      Here's where I get confuse: in order to connect to ther internet I thought I needed I a rule like "LAN->WAN policy,  NAT enabled" so in pfSense i tried the following:

       /firewall/rules/ 
      LAN:
      Proto  	Source  	Port  	Destination  	Port  		Gateway  	Description	
      TCP  	LAN address  	 *  	WAN address  	80 (HTTP)  	 *  	         tcp  80 
      
      

      Do I need to do the same thing for the WAN section? (tried and it didn't work)
      What am I missing?
      Perhaps one last information: in pfSense I can ping lan ip as well as google.com

      Any help would be greatly appreciated

      Thanks,

      Fred

      1 Reply Last reply Reply Quote 0
      • S
        Snailer
        last edited by

        If you don't have any special behind the firewall running, the setup wizard at the gui would kickstart everything nicely. That is at my place anyway. :) So what rules do u want to copy into PfSence? What do you have running at your lan and/or dmz?

        1 Reply Last reply Reply Quote 0
        • F
          fred789
          last edited by

          Thanks for your answer Snailer.
          I did a reset and I am now online  :D
          I'm still confuse though. As I understand pfSense blocks all ports by default, where is then the http serice enabled?
          One last thing. Let's say I want to use a torrent client, do I have to configure anything in "firewall: rules" or do I only have configure "Firewall: NAT: Port Forward".

          Thanks again for your help

          1 Reply Last reply Reply Quote 0
          • S
            Snailer
            last edited by

            From what I have understood, a lot of rules and pre-configuration is already taken place at the background of pfsense,
            which isn't show at the gui, to make us newbies live easier. :) (A small downside is that is could add some confusing for us noobs) ;)

            Furthermore i would like to say: 'shoot those bears of the road you are seeing!' :D
            Try first if your app's will run out-of-the-box; then u can look and ask around if u need a rule applied into pfsense.
            btw: there is a upnp package available. I didn't had to use it so far.

            1 Reply Last reply Reply Quote 0
            • C
              cmb
              last edited by

              The default configuration is everything coming in from the Internet is blocked. Everything going out from the LAN is allowed.

              To restrict your LAN outbound access, change the rules on the LAN interface.

              1 Reply Last reply Reply Quote 0
              • F
                fred789
                last edited by

                Thanks for clearing this up.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.