<![CDATA[Firewall rule for 67/68 on wan inet not working]]>I'm having an issue with my pfsense box.
The issue I'm having is that I'm losing the connection due to expiring dhcp leases. I have to manually renew the connection to reestablish my connection to my cable provider.

I keep getting these


Blocked Jan 4 20:54:12 	WAN 	10.50.64.1:67		 255.255.255.255:68

I've added the rule to wan interface


IPv4 UDP 	* 	67 - 68 	* 	67 - 68

Yet it's still being blocked.

How can I fix this?

]]>https://forum.netgate.com/topic/93724/firewall-rule-for-67-68-on-wan-inet-not-workingRSS for NodeThu, 11 Jun 2026 13:47:59 GMTTue, 05 Jan 2016 02:02:52 GMT60<![CDATA[Reply to Firewall rule for 67/68 on wan inet not working on Tue, 05 Jan 2016 03:38:13 GMT]]>your udp 67-68 rule should be on top. Otherwise, yes (assuming the typo you already spotted has been fixed)

]]>https://forum.netgate.com/post/594213https://forum.netgate.com/post/594213Tue, 05 Jan 2016 03:38:13 GMT<![CDATA[Reply to Firewall rule for 67/68 on wan inet not working on Tue, 05 Jan 2016 02:59:13 GMT]]>@jimp:

Not really, you could uncheck that, then make an RFC1918 alias (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16) and add a block rule under your pass rule for equivalent protection

Does this look correct?

edit yes I caught the 192/16 block, had a typo it's been corrected.

firewall.jpg
firewall.jpg_thumb

]]>https://forum.netgate.com/post/594205https://forum.netgate.com/post/594205Tue, 05 Jan 2016 02:59:13 GMT<![CDATA[Reply to Firewall rule for 67/68 on wan inet not working on Tue, 05 Jan 2016 02:41:22 GMT]]>Not really, you could uncheck that, then make an RFC1918 alias (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16) and add a block rule under your pass rule for equivalent protection

]]>https://forum.netgate.com/post/594202https://forum.netgate.com/post/594202Tue, 05 Jan 2016 02:41:22 GMT<![CDATA[Reply to Firewall rule for 67/68 on wan inet not working on Tue, 05 Jan 2016 02:36:11 GMT]]>@jimp:

That is probably being blocked by "Block Private Networks" on the WAN interface, a custom rule won't override that.

I have the modem bridged so pfsense takes the public facing ip.
Any harm unchecking it?

]]>https://forum.netgate.com/post/594197https://forum.netgate.com/post/594197Tue, 05 Jan 2016 02:36:11 GMT<![CDATA[Reply to Firewall rule for 67/68 on wan inet not working on Tue, 05 Jan 2016 02:31:47 GMT]]>That is probably being blocked by "Block Private Networks" on the WAN interface, a custom rule won't override that.

]]>https://forum.netgate.com/post/594194https://forum.netgate.com/post/594194Tue, 05 Jan 2016 02:31:47 GMT