Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    ICMP request not allowed

    Scheduled Pinned Locked Moved Firewalling
    6 Posts 3 Posters 1.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jonfil0130
      last edited by

      Hi,

      I was trying to access outbound PING but it was not allowed via PFSense. I already created a Firewall Rule but no to avail. Pls. see below the sample rule that i've created.

      Created a rule under WAN
      -Pass
      Protocol - ICMP
      Source - any
      Destination - WAN address

      I hope anybody can help me figure this out. Thanks

      1 Reply Last reply Reply Quote 0
      • K
        kejianshi
        last edited by

        Can you post all your firewall rules?

        1 Reply Last reply Reply Quote 0
        • ?
          Guest
          last edited by

          OUTbound means to me that you are trying to ping from LAN to an IP somewhere on the internet, correct? Then you should have the allow rule on the LAN interface, never on the WAN.

          1 Reply Last reply Reply Quote 0
          • K
            kejianshi
            last edited by

            Yeah - Basically you have allowed ICMP on the WAN which is often useful, but doesn't sound like this is what you want.

            The reason I want to see the rest of your LAN rules is because outgoing ICMP should work in a default setup unless you have made a rule that kills it.

            1 Reply Last reply Reply Quote 0
            • J
              jonfil0130
              last edited by

              Hi Guys,
              This is the only rules that i've got in my LAN…

              ID Proto Source Port Destination Port Gateway Queue Schedule Description

              * * * LAN Address 443
              80 * *  Anti-Lockout Rule

              IPv4 ICMP  LAN net  *  WAN address  *  *  none

              IPv4 TCP  ! AllowFBselected  *  BlockFBAlias  *  *  none    FB not allowed

              IPv4 TCP/UDP  LAN address  *  *  *  *  none    Allow LAN Outbound

              IPv4 *  LAN net  *  *  *  *  none    Default allow LAN to any rule

              IPv6 *  LAN net  *  *  *  *  none    Default allow LAN IPv6 to any rule

              1 Reply Last reply Reply Quote 0
              • ?
                Guest
                last edited by

                IPv4 ICMP  LAN net  *  WAN address  *  *  none

                You allow ICMP from LAN to the WAN address of your pfSense box, so the rest of the world is blocked…

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.