Ihave two WAN connection. The first WAN connection connects via FTTH modem. The second connection connects via 4G LTE CPE modem. I have configured fallback and load balanced dual WAN connection on my pfSense box. However, once in while the Internet connection either one of the WAN goes down. How can I tell pfSense to send an email notification when fallback (or any) WAN connection goes down? How to configure pfSense email notification when an alert happens?
A dual wan pfSense firewall allows you to increase your internet bandwidth. You can load balance traffic as per your needs. You can get internet connection redundancy and failover. If one connection goes down, your traffic will be routed automatically to a backup link. One can configure SMTP e-mail notifications with pfSense. This page shows how to configure SMTP settings to send notification e-mails.
How to send SMTP email notification
To send e-mails from pfSense firewall one need access to an SMTP server. Most SMTP servers are password protected for security reasons and to avoid spam issues. The easiest way is to use your personal Gmail account. Another option is to use any cloud-based SMTP server that allows you to send the email. Configuring SMTP e-mail notifications is easy provided that you have SMTP server information.
How to configure SMTP e-mail notifications
The steps are as follows for pfSense email notification:
- Login to pfSense web admin panel such as https://192.168.2.254/
- Click on the System > Advanced.
- Choose the Notifications tab.
- Set the E-Mail server settings such as an IP address or FQDN, SMTP port, Enable SMTP over SSL/TLS, SMTP username and password
- Configure Notification E-Mail auth mechanism as per your serivce provider
- Save the changes.
Example: Configure pfSense email notification with Google Gmail SMTP
Gmail (SMTP) Server settings are as follows:
- Server name: smtp.gmail.com
- Requires SSL: Yes
- Requires TLS: Yes (if available)
- Requires Authentication: Yes
- Port for TLS/STARTTLS: 465
- Username: Your gmail address (such as ActualEmailID@gmail.com)
- Password: Your gmail password (Use an App Password: If you use 2-Step Verification for gmail, you must signing in with an app password. Normal password won’t work as 2FA will block access to it.)
You will get an email as follow when you click on the Test smtp settings:
Configuring pfSense email notification with Amazon Simple Email Service (SES)
In a corporate environment, you might be using something like a cloud-based email service or your SMPT service. In this example, I am going to show how to use AWS SES to send corporate emails to network or sysadmins who are responsible for managing your pfsense based firewall:
- E-Mail server: email-smtp.us-west-2.amazonaws.com
- SMTP Port of E-Mail server: 465
- Secure SMTP Connection: Enable SMTP over SSL/TLS
- From e-mail address: email-id-as-per-ses@nixcraft.com
- Notification E-Mail address: somewhere@nixcraft.com
- Notification E-Mail auth username: Your SES user name
- Notification E-Mail auth password: Your SES password for SMTP authentication
- Notification E-Mail auth mechanism: PLAIN
- Test and save the settings
Here is a sample email when one of WAN connections goes down and comes back online after some time:
You can also visit the Status > System Logs > System tab to see info about gateway and other problems. This is also useful to see if you receive the test e-mail:
Conclusion
You just learned pfSense email notification configuration to send notification e-mails when WAN connection goes down. It will also send you other notification when an alert happen. Sending e-mails from pfSense needs access to an SMTP server such as Gmail smtp or cloud based SMTP service. Please see the official docs here for more info. You might also find “How To Use Gmail Account To Relay Email From a Shell Prompt” useful.