pfsense connection tracking setup like a Mikrotik

4
(2)

By default, in Pfsense, the values “connection tracking” are set for the FreeBSD, which are different from the settings in Linux based distributions. Therefore, I collected data from Mikrotik-based settings and transferred them to PfSense.

Mikrotik’s settings:

 /ip firewall connection tracking> print                       
                   enabled: auto
      tcp-syn-sent-timeout: 5s
  tcp-syn-received-timeout: 5s
   tcp-established-timeout: 1d
      tcp-fin-wait-timeout: 10s
    tcp-close-wait-timeout: 10s
      tcp-last-ack-timeout: 10s
     tcp-time-wait-timeout: 10s
         tcp-close-timeout: 10s
   tcp-max-retrans-timeout: 5m
       tcp-unacked-timeout: 5m
        loose-tcp-tracking: yes
               udp-timeout: 10s
        udp-stream-timeout: 3m
              icmp-timeout: 10s
           generic-timeout: 10m
               max-entries: 217992
             total-entries: 1233

in PfSense:

Go to: System -> Advanced -> Firewall & NAT. Scroll to whole down. And put these values in fields:

And press “save” button. Changes applies immediatelly.

That’s all. Thanks.

Similar Posts:

2,300

How useful was this post?

Click on a star to rate it!

Average rating 4 / 5. Vote count: 2

No votes so far! Be the first to rate this post.

Scroll to Top