Enable ping to pass through pfSense

pfsensepingwide-area-network

I have a pfSense v1.2.3 running and want to allow ping from the WAN through to my LAN and allow the response to get through. Web traffic goes through just fine, but not pings. As suggested elsewhere I have a firewall rule like the following:

Action: Pass

Interface: WAN

ICMP Type: Echo

Source: any

Destination: Wan Address

But the pings are still not happening. Networking is not my specialty. Can anyone point me to where I might be going wrong?

Best Answer

I agree with Dan - by setting the destination as the WAN address you are being selective and only allowing pings to your WAN address with this rule. Change the destination to ANY and it should work as requested.

However by doing this an outsider could potentially deduce what ip addresses you have in use internally, my preference would be to only allow this from trusted addresses.

Off topic - 2.0.1 is out now which adds a lot more functionality.

Related Solutions

PfSense with a bridge as a LAN interface : traffic blocked between interfaces

I had exactly the same problem.

After adding firewall rules from the bridge member interfaces to the bridge network it seems to work.

Cheers Cidi

Ping a Specific Port

You can't ping ports, as Ping is using ICMP which is an internet layer protocol that doesn't have ports. Ports belong to the transport layer protocols like TCP and UDP.

However, you could use nmap to see whether ports are open or not

nmap -p 80 example.com

Edit: As flokra mentioned, nmap is more than just a ping-for-ports-thingy. It's the security auditers and hackers best friend and comes with tons of cool options. Check the doc for all possible flags.

Best Answer

Related Solutions

PfSense with a bridge as a LAN interface : traffic blocked between interfaces

Ping a Specific Port

Related Topic