Ping pfSense from WAN (Virtual IP)
-
As nearly as I can tell this question has been asked dozens of times, but never answered succinctly.
How can you make pfSense 2.3 respond to ICMP requests from the WAN? - There is no ICMP protocol choice in the NAT!
-
Firewall -> WAN
Add Rule -> Protocol ICMP
Does this not work?
-
It depends on the virtual IP and your NAT settings.
If you want pfSense, the firewall, to respond to the pings to its WAN IP or an IP alias VIP or a CARP VIP, simply add a firewall rule to the WAN to pass ICMP echo requests in to the IP address you want as a destination.
If you use 1:1 NAT on a VIP, add a firewall rule to pass ICMP echo requests to the private/internal IP of the 1:1 NAT.
If you use a virtual IP and port forwards and want the target host to respond using ICMP, you'll need pfSense 2.1 (currently in RC) as ICMP is not a choice for port forward protocols in 2.0.x
-
Thank all of you for the replies.
Yes I need to wait for 2.1 to easily accomplish what I truly want.
I can create rules for ICMP, just not NAT.I have enabled ICMP on the WAN, that will work for now.