Bobcares

How to Allow Ping on pfSense?

by | Oct 19, 2022

Ping on pfSense allows network administrators to easily diagnose problems and monitor network health effectively. Read the article to know the steps to allow ping on pfSense. With our pfSense Support Services, bobcares can assist you with the answer to this question.

Overview
  1. How to allow ping on pfSense?
  2. Benefits of ping on a pfSense
  3. Steps to allow ping on pfSense
  4. Addressing Common Issues with ping on pfSense
  5. Conclusion

How to allow ping on pfSense?

A firewall is capable to hosts over the network using the ICMP echo requests, called “pings”. It will test the target host’s response. Then measure the latency between the firewall and the target host by these diagnostic packets. Pings are not typically used. However, it can be extremely useful when debugging a network.

allow ping on pfsense

The ping service, which is built into almost all operating systems, is made available through the pfSense firewall. Due to pfSense’s ability to ping any machine from any designated interface, this can be useful for administrators. In this article, we will see the steps to enable ping on the pfSense firewall.

Benefits of ping on a pfSense

1. Pings help check if devices are reachable and measure response time. This is essential for identifying network issues.

2. Many monitoring tools use pings to ensure hosts are operational. Allowing pings from specific sources enables effective monitoring while keeping security intact.

3. ICMP responses (pings) help prevent packet fragmentation issues. Blocking them can lead to tricky network problems.

4. Some devices need ping checks to monitor WAN link status. This is crucial for automatic failover and maintaining network reliability.

5. Allowing pings provides quick feedback on connectivity, speeding up issue diagnosis and improving overall network reliability.

6. Limit ping responses to specific IP addresses to reduce security risks.

7. Allow only necessary traffic, like ICMP echo requests, to maintain a secure network environment.

Steps to allow ping on pfSense

  1. Firstly, log in to pfSense.
  2. Then open Firewall >> Rules.
  3. To add a new rule, click [+].
  4. Now on the “Edit Firewall rule” page, verify the details as follows to allow ping on pfSense:
      • Action: Pass
      • Protocol: ICMP
      • ICMP subtypes: Echo request
      • Source: any
      • Destination: This Firewall
      • Description: Allow ping on WAN
  5. Then click the Save button.
  6. Finally, click Apply changes.

This step successfully allows users to ping the WAN IP address of the pfSense firewall. It is also possible to perform a simple ping test at the console menu, but without additional options such as hostname, IP Protocol, etc.

Addressing Common Issues with ping on pfSense

1. Misconfigured Firewall Rules: We must make sure we’ve set up a rule to allow ICMP traffic. So, go to Firewall >> Rules, create a new rule, and set it to Pass for ICMP Echo requests.

2. Wrong Subnet Mask and Gateway: Double-check that the subnet mask and gateway settings are correct for both WAN and LAN interfaces. Incorrect settings can block ping requests.

3. Blocked Connections in Logs: We must also review the firewall logs for any blocked ICMP traffic. If we find issues, adjust the rules accordingly.

4. VLAN and Network Interface Issues: Ensure VLANs and interfaces are set up correctly. Make sure ICMP rules apply to the right VLANs and interfaces.

5. DNS and Connectivity Confusion: While not directly related to ping, DNS issues can look like ping problems. Ensure DNS is configured properly for smooth name resolution, but focus on firewall rules for ping-related issues.

[Searching for an answer to a different query? We are just a click away.]

Conclusion

Administrators can ping any machine on any interface from any interface using the ping utility. Having Ping integrated into the firewall’s web interface is a great tool for administrators as it is a necessary tool. In this article, we provide a simple way for our Support team to allow ping on pfSense.

6 Comments

  1. Joe

    Is this rule supposed to allow me to ping internet hosts? On my network it only allows me to ping my public IP address. My ISP gateway router is in bridged mode connected to my pfSense WAN port.

    Reply
    • Hiba Razak

      Hi,
      Our experts can help you with the issue.we will be happy to talk to you through our live chat(click on the icon at right-bottom).

      Reply
  2. Samiul Alam

    Hi,
    Can I used to wan to lan ping ?
    Suppose to I’m connected from router to pfsense 192.168.1.10 wan and my lan releases from 192.168.10.1 can I ping From router to pfsense lan iP??

    Reply
    • Hiba Razak

      Hi ,
      Please contact our support through live chat(click on the icon at right-bottom).

      Reply
  3. Wai

    Hi, this will not work if my vm and the wan are in different subnet ?

    Reply
    • Hiba Razak

      Hi Wai,
      Yes, allowing ping (ICMP) on pfSense should work even if your virtual machine and the WAN are in different subnets.

      Reply

Submit a Comment

Your email address will not be published. Required fields are marked *

Never again lose customers to poor
server speed! Let us help you.

Privacy Preference Center

Necessary

Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

PHPSESSID - Preserves user session state across page requests.

gdpr[consent_types] - Used to store user consents.

gdpr[allowed_cookies] - Used to store user allowed cookies.

PHPSESSID, gdpr[consent_types], gdpr[allowed_cookies]
PHPSESSID
WHMCSpKDlPzh2chML

Statistics

Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

_ga - Preserves user session state across page requests.

_gat - Used by Google Analytics to throttle request rate

_gid - Registers a unique ID that is used to generate statistical data on how you use the website.

smartlookCookie - Used to collect user device and location information of the site visitors to improve the websites User Experience.

_ga, _gat, _gid
_ga, _gat, _gid
smartlookCookie
_clck, _clsk, CLID, ANONCHK, MR, MUID, SM

Marketing

Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.

IDE - Used by Google DoubleClick to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user.

test_cookie - Used to check if the user's browser supports cookies.

1P_JAR - Google cookie. These cookies are used to collect website statistics and track conversion rates.

NID - Registers a unique ID that identifies a returning user's device. The ID is used for serving ads that are most relevant to the user.

DV - Google ad personalisation

_reb2bgeo - The visitor's geographical location

_reb2bloaded - Whether or not the script loaded for the visitor

_reb2bref - The referring URL for the visit

_reb2bsessionID - The visitor's RB2B session ID

_reb2buid - The visitor's RB2B user ID

IDE, test_cookie, 1P_JAR, NID, DV, NID
IDE, test_cookie
1P_JAR, NID, DV
NID
hblid
_reb2bgeo, _reb2bloaded, _reb2bref, _reb2bsessionID, _reb2buid

Security

These are essential site cookies, used by the google reCAPTCHA. These cookies use an unique identifier to verify if a visitor is human or a bot.

SID, APISID, HSID, NID, PREF
SID, APISID, HSID, NID, PREF