But I started out unable to access my WAN (pfsense) from the internet. Hence, I posted to ask how to allow access to pfsense from the outside world. But after doing some restarts, and I DID NOT add any rules, somehow the outside world can connect to pfsense, ssh and so on, except ping. No matter what I do, I just can't ping the pfsense box. I tried adding ICMP port 8 but still can't ping.
Now, I am trying to block ssh from the outside world to learn how to use the rules correctly, but somehow I just can't block ssh. I keep being able to ssh to the pfsense box. I am really dumbfounded.
First, you need to make sure you are running version 1.0.1. There was a bug with the previous version where changed rules would not reload until after rebooting.
Secondly, to access your pfsense box from the outside, you have to do two things. You have to create a NAT statement redirecting your desired traffic (ssh or web) from your external IP to the LAN IP. Next you have to create the rule to allow this traffic.
So your NAT statement will look like this:
IF  | Ext Port Range   | Internal IP      | Int Port Range
WAN | SSH or HTTP, etc | LAN Interface IP | SSH, Http, etc
Your WAN Rule will be:
Proto                  | Source    | Src Port | Destination IP | Int Port Range
(Pass) ICMP or TCP     | Source IP | any      | LAN If IP      | SSH, Http, etc
That should get you going.