Logical Rules - Never any luck

  • Logical firewall rules never seem to work with me with pfsense. I think that I have the rules correct, they are SIMPLE rules, I start sending no pings across…nothing. I reboot the server, I restart the firewall, clear the states, check the logs, THERE ARE GREEN ARROWS NEXT TO MY ICMP RULES, etc. etc. PULLING MY HAIR OUT. So I am going to just throw my rules up here and you tell me whether LOGICALLY my rules should allow pings between LAN and VLAN 10 or better yet tell me how my server gets a DHCP lease from pfsense but cant even ping the own default gateway it learned through that lease:

  • And the other device is also having gateway?
    Or do you have any floating rules?

  • Yes, and no. I do everything. Reboot the firewall, restart everything. Bring switchports up and down. Then magically things will just start working suddenly. It is seriously a pain in the butt trying to troubleshoot things when it takes 10-20 minutes for changes to "magically" apply and begin working the way they logically should. Does everyone have this problem or is it just me?

  • without knowing which subnet is on which interface, can't tell you whether your rules are right.


    Does everyone have this problem or is it just me?

    Of course this doesn't happen for everyone.

  • Did you create the relevant rule for outbound NAT?

