If you’re new to pfSense, the sheer number of menus in the web configurator can be intimidating, and you may also be wondering what a few of them are for. That’s why we put together this pfSense web configurator menu overview. It lists all of the menus found in a stock pfSense installation and provides a brief overview of each of them, with screenshots (IP and MAC addresses are blurred).
When a page is empty, because nothing is configured, we also show a screenshot of the configuration options for that service, underneath. The configuration options are typically displayed by clicking the green Add button.
To access the pfSense webconfigurator, open a web browser on a computer connected to your firewall and enter https://[your LAN IP address]. By default, it is 192.168.1.1. Enter your username and password in the login page. The defaults are admin/pfsense, respectively. Once logged in, you’re taken to the pfSense Dashboard, which displays useful high-level information about your firewall.
Two widgets are displayed by default: System Information and Interfaces. You can add more by clicking the + icon at the top right.
At the top of the web configurator are eight menus:
It is through these eight menus (and their submenus) that you can configure all of your pfSense firewall’s settings. We’re going to look at all of them.
The System menu encompasses pages dedicated to configuring the pfSense system itself. That means things like configuring access to the GUI, setting up routes and gateways, managing users, setting up failover (requires multiple pfSense firewalls), updating the system to the latest version and managing optional packages, among other things.
High Availability Sync
|System||/ Setup Wizard|
This is a setup wizard for configuring pfSense for the first time. You can follow the on-screen instructions and you’ll end up with a basic working pfSense configuration.
This is where you perform operating system updates of pfSense.
The Update Settings page enables you to select your update branch (beta or stable). You can also disable the Dashboard auto-update check from here.
The Interfaces menu is where you can configure the active interfaces on your system. Each physical network card present on your system is considered an interface, and can host a network segment (a subnet, such as your LAN – 192.168.1.0/24). Certain services, like VPNs, can also create virtual interfaces (implemented by software), which can also host a network segment. All interfaces, whether physical or virtual, are managed from here.
QinQ (also referred to as IEEE 802.1ad) is a means of nesting VLAN tagged traffic inside of packets that are already VLAN tagged, or “double tagging” the traffic.
The Firewall menu enables you to configure elements pertaining to the firewall’s behavior as it transfers packets over the network. So things like defining aliases, configuring NAT and firewall rules, and traffic shaping, among other things, are done from here.
You can define schedules for firewall rules to be enabled and disabled and add the defined schedule(s) to the rules of your choice. You can create, edit, or delete schedules from here.
The Services menu, as its name states, is where you can manage the various services running on your pfSense system. So things like the Captive Portal, DHCP Servers or Relays, DNS Forwarder and Resolver, Dynamic DNS, etc., are all configured and managed from the Services menu.
Auto Configuration Backup
|Services||/ DHCP Server|
From this page, you can configure the IPv4 DHCP Server for the selected interface. Make sure that DHCP Relay is disabled. DHCP Relay and DHCP Server cannot be used concurrently.
|Services||/ DHCPv6 Relay|
From this page, you can configure the IPv6 DHCP Relay service for the selected interface. Make sure that DHCP Server is disabled. DHCP Relay and DHCP Server cannot be used concurrently.
DHCPv6 Server & RA
|Services||/ IGMP Proxy|
The IGMP Proxy enables you to proxy multicast traffic between network segments. This can be configured from this page.
pfSense can be used as a Point-to-Point Protocol over Ethernet (PPPoE) server and accept and authenticate connections from PPPoE clients on a local interface. This is configured here.
You can monitor your pfSense firewall using the Simple Network Management Protocol (SNMP). The SNMP service can be enabled, disabled, and configured from this page.
UPnP & NAT-PMP
pfSense natively supports three Virtual Private Network (VPN) protocols: IPsec (IKEv1 & IKEv2), L2TP/IPsec, and OpenVPN. All three are configured from the VPN menu.
See also:Best VPNs for pfSense
The Status pages display status information on various services running on your pfSense system. You’ll find many of the same submenus in the Status menu as in the Services menu. But while the Services menu allows you to edit the services’ settings, the Status menu provides status information on the configured services. Some pages may be empty depending on your configuration and the services running.
|Status||/ Captive Portal|
The Captive Portal Status page displays all of the active users of your Captive Portal Zones.
|Status||/ DHCP Leases|
The DHCP Leases Status page displays all of your IPv4 DHCP leases and their status (active, expired, static).
|Status||/ DHCPv6 Leases|
The DHCPv6 Leases Status page displays all of your DHCPv6 leases and their status (active, expired, static).
|Status||/ DNS Resolver|
The DNS Resolver Status page lists caching statistics for each configured DNS server on the System / General Setup page.
|Status||/ Filter Reload|
This page shows the status of the last filter reload request and enables you to force reload the packet filter, by clicking the Reload Filter button.
This page lists all of the configured interfaces on your system and displays high-level information for each one.
The OpenVPN Status page lists all of the active OpenVPN client connections to local and remote OpenVPN servers.
|Status||/ Package Logs|
Certain optional packages’ logs can be viewed from this page. No native pfSense logs are displayed here.
The Queues Status page lists information about your active traffic shaping queues. The queue graphs sample data at regular intervals.
This page displays the status of the various services configured on your firewall. You can also stop or restart each service, as well as a few other options, according to the service.
|Status||/ Traffic Graph|
From the Traffic Graph Status page, you can create a real-time graph for any configured interface on your system. You can display bandwidth in or bandwidth out data and set a few other additional options.
UPnP & NAT-PMP
|Status||/ UPnP & NAT-PMP|
|UPnP & NAT-PMP|
This page displays the list of currently active UPnP port forwards.
The Diagnostics menu contains tools that allow you to troubleshoot, test, and measure your system’s performance. It’s also where you can perform local configuration backups and restores, as well as edit system files, restore the system to factory settings, and reboot and power-off pfSense.
Backup & Restore
|Diagnostics||/ Command Prompt|
From the Command Prompt page, you can execute a shell command, upload or download a file to/from the pfSense file system, and execute PHP commands.
|Diagnostics||/ Edit File|
From this page, you can browse to any file on the file system and make edits. This can be destructive and is not recommended unless you know what you are doing.
|Diagnostics||/ Factory Defaults|
Clicking this menu item resets pfSense to its default settings.
|Diagnostics||/ Limiter Info|
This page displays each configured limiter and child queue in text format.
|Diagnostics||/ NDP Table|
The NDP Table page displays the IPv6 Neighbour Discovery Protocol list. The list contains all of the current IPv6 peers and is essentially equivalent to the ARP Table for IPv4.
The pfInfo page displays statistics and counters for the firewall packet filter. These statistics and counters serve as metrics to judge how the packet filter is processing data.
This page enables you to ping hosts from pfSense. You can select your IP protocol, source address, and the number of pings.
This page displays all of the IPv4 and IPv6 routes configured on your system.
|Diagnostics||/ S.M.A.R.T Status|
This page enables you to perform hard drive health tests on your pfSense hard drive(s). You can view your drive’s S.M.A.R.T. status, perform a self-test, and view the test logs from here.
|Diagnostics||/ States Summary|
The States Summary page provides statistics on the state table and its connections.
|Diagnostics||/ System Activity|
This page displays a list of the top active processes running on the system.
From the Tables page, you can select any of the configured Host or URL aliases on your system from a list and display its contents.
Aliases are converted to tables when they’re used in active firewall rules.
|Diagnostics||/ Test Port|
The Test Port page enables you to test whether or not a host is up and accepting connections on a specified TCP port. Enter the required fields and click Test.
The Help menu provides you with additional resources to learn about pfSense.
About this Page
|Help||/ About this Page|
|About this Page|
Clicking this menu item from anywhere in the pfSense UI opens the relevant pfSense documentation section in your browser, based on the page you’re on in the pfSense GUI.
|Help||/ Bug Database|
Clicking this menu item takes you to the pfSense bug tracker page in your browser.
Clicking this menu item opens the pfSense documentation in your browser.
|Help||/ FreeBSD Handbook|
Clicking this menu item opens the FreeBSD documentation in your browser.
|Help||/ Paid Support|
Clicking this menu item opens the Netgate web page in your browser. You can purchase paid support from there.
|Help||/ pfSense Book|
Clicking this menu item opens the pfSense book in your browser. Though similar, the book and the documentation have different content.