Views: 1404

Open a browser software, enter the IP address of your Pfsense firewall and access web interface.

In our example, the following URL was entered in the Browser:

• https://192.168.15.11

The Pfsense web interface should be presented.

Pfsense login

On the prompt screen, enter the Pfsense Default Password login information.

• Username: admin
• Password: pfsense

After a successful login, you will be sent to the Pfsense Dashboard.

Pfsense dashboard

Access the Pfsense Services menu and select the SNMP option.

pnsense snmp

Select the option named: Enable the SNMP Daemon and its controls

Set a SNMP contact and a SNMP location.

Set a SNMP community that will have read-only permission to get remote SNMP information.

In our example, we created a SNMP community named: GokuBlack

Pfsense snmp configuration

On the SNMP modules configuration, make sure that all modules are selected.

On the Interface binding configuration, select the option ALL.

Click on the Save button to finish the configuration.

pfsense snmp setup

You have successfully enabled the Pfsense SNMP service.

You have successfully configured the Pfsense SNMP service.

PFSense SNMP Firewall Configuration

By default, the PFsense firewall does not allow external SNMP connections to the WAN interface.

In our example we are going to create a firewall rule to allow the SNMP communication.

Access the Pfsense Firewall menu and select the Rules option.

pfsense firewall rule menu

Click on the Add button to add a rule to the Top of the list.

pfsense add firewall rule

On the Firewall rule creation screen, perform the following configuration:

• Action – Pass
• Interface – WAN
• Address family – IPV4
• Protocol – UDP

pfsense firewall snmp rule

On the Source configuration screen, you need to define the IP address that should be allowed to perform SNMP communication with the Pfsense firewall.

In our example, any computer is able to perform SNMP communication with the firewall.

pfsense snmp firewall source

On the Firewall destination screen, perform the following configuration:

• Destination – Wan address
• Destination port range- From SNMP 161 to SNMP 161

pfsense snmp firewall destination

On the Firewall Extra options screen, you may enter a description to the firewall rule.

pfsense snmp firewall extra

Click on the Save button, you will be sent back to the Firewall configuration screen.

Now, you need to reload the firewall rules to apply the SNMP configuration.

Click on the Apply changes button to reload the firewall configuration.

Pfsense apply firewall rule

You have finished the PFsense firewall configuration to allow SNMP communication using the WAN interface.

PFSense – Testing the SNMP Configuration

To test the Pfsense SNMP configuration from a computer running Ubuntu Linux:

Use the following commands to install the required packages and test the Pfsense SNMP communication.Copy to Clipboard1

apt-get install snmp

2

snmpwalk -v2c -c GokuBlack 192.168.15.11

Keep in mind that you need to change the SNMP community name and the PFsense IP address to reflect your environment.

To test the Pfsense SNMP configuration from a computer running Windows:

Download the SNMP Tester aplication, and test the communication using the following parametes:

• Community name: Your SNMP community
• Device IP: Your PFsense server IP address
• SNMP Version: V2C
• Select Request type: Scan Interfaces

Here is an example from my Pfsense configuration.

Microtik snmp test

You have successfully performed a Pfsense SNMP communication test.