Ping pfSense from WAN (Virtual IP)

Firewalling
Log in to reply
  • U

    As nearly as I can tell this question has been asked dozens of times, but never answered succinctly.

    How can you make pfSense 2.3 respond to ICMP requests from the WAN?  -  There is no ICMP protocol choice in the NAT!

    0
  • V
    Rebel Alliance

    Firewall -> WAN

    Add Rule -> Protocol ICMP

    Does this not work?

    0
  • jimp
    Rebel Alliance Developer Netgate

    It depends on the virtual IP and your NAT settings.

    If you want pfSense, the firewall, to respond to the pings to its WAN IP or an IP alias VIP or a CARP VIP, simply add a firewall rule to the WAN to pass ICMP echo requests in to the IP address you want as a destination.

    If you use 1:1 NAT on a VIP, add a firewall rule to pass ICMP echo requests to the private/internal IP of the 1:1 NAT.

    If you use a virtual IP and port forwards and want the target host to respond using ICMP, you'll need pfSense 2.1 (currently in RC) as ICMP is not a choice for port forward protocols in 2.0.x

    0
  • U

    Thank all of you for the replies.

    Yes I need to wait for 2.1 to easily accomplish what I truly want.
    I can create rules for ICMP, just not NAT.

    I have enabled ICMP on the WAN, that will work for now.

    0

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2021 Rubicon Communications, LLC | Privacy Policy