Can't ping or http pfSense from outside

  • I'm migrating my network to a new ISP and for the first time I needed to create my own firewall from scratch, so I desided to give pfSense a try.  I'm a total newb and I need help already.  :-\

    I have my pfSense running on an old pc using a static IP with 2 additional virtual IPs.

    I have another pc running on the inside that I've been using to configure the box through the webGUI.  Also the PC uses the firewall as a gateway for internet access which is working perfectly.
    I set up my virtual IP then set up NAT to pass standard port 80 traffic to my box on the inside that I'm running IIS on.

    Then I tried to access the webpage using my old network which is on the outside trying to access one of the virtual IPs.  It didn't work.  :(
    I also, realized then that I can't ping either my firewall or the new virtual IP.

    So, I spoke with my ISP and they say they can see that the IPs reside on the firewall, even rattled of the MAC address of my pc.  They simply said that my firewall was the reason for the traffic not passing.

    Did I miss something during setup?  Is there a default setting somewhere that says simply deny all incoming activity?

    Thanks so much in advance for any help!

  • Just a few quick notes-

    1. All inbound traffic is denied by default.
    2. When you create a port-forward, there is an option to create the firewall rule. It's checked by default.
    3. To ping the firewall, you would need to add a rule on the WAN to allow ICMP to the WAN address.
    4. If you are using proxy-arp VIPs and port-forwards, the VIPs will not be pingable, even with ICMP allowed.

Log in to reply