Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Ping pfSense from WAN (Virtual IP)

    Firewalling
    3
    4
    3537
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • U
      unsichtbarre last edited by

      As nearly as I can tell this question has been asked dozens of times, but never answered succinctly.

      How can you make pfSense 2.3 respond to ICMP requests from the WAN?  -  There is no ICMP protocol choice in the NAT!

      1 Reply Last reply Reply Quote 0
      • cmcdonald
        cmcdonald Netgate Developer last edited by

        Firewall -> WAN

        Add Rule -> Protocol ICMP

        Does this not work?

        Need help fast? https://www.netgate.com/support

        1 Reply Last reply Reply Quote 0
        • jimp
          jimp Rebel Alliance Developer Netgate last edited by

          It depends on the virtual IP and your NAT settings.

          If you want pfSense, the firewall, to respond to the pings to its WAN IP or an IP alias VIP or a CARP VIP, simply add a firewall rule to the WAN to pass ICMP echo requests in to the IP address you want as a destination.

          If you use 1:1 NAT on a VIP, add a firewall rule to pass ICMP echo requests to the private/internal IP of the 1:1 NAT.

          If you use a virtual IP and port forwards and want the target host to respond using ICMP, you'll need pfSense 2.1 (currently in RC) as ICMP is not a choice for port forward protocols in 2.0.x

          Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

          Need help fast? Netgate Global Support!

          Do not Chat/PM for help!

          1 Reply Last reply Reply Quote 0
          • U
            unsichtbarre last edited by

            Thank all of you for the replies.

            Yes I need to wait for 2.1 to easily accomplish what I truly want.
            I can create rules for ICMP, just not NAT.

            I have enabled ICMP on the WAN, that will work for now.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post