Netgate is offering COVID-19 aid for pfSense software users, learn more.
General Configuration Options¶
System > General Setup contains options which set basic configuration items for pfSense® and the GUI. A few of these options are also found in the Setup Wizard.
The Hostname is the short name for this firewall, such as
site1. The name must start with a letter and it may contain only letters, numbers, or a hyphen.
Enter the Domain name for this firewall, e.g.
example.com. If this network does not have a domain, use
<something>is another identifier: a company name, last name, nickname, etc. For example,
The Hostname and Domain name are combined to make up the Fully Qualified
Domain Name (FQDN) of this firewall. For example, if the Hostname is
and the Domain is
example.com, then the FQDN is
DNS Server Settings¶
Options in this section control how the firewall resolves hostnames using DNS.
- DNS Server 1-4 Address
The IP addresses of the DNS Servers may be filled in, if required and if they are known.
These DNS servers may be left blank if the DNS Resolver will remain active using its default settings. The default pfSense configuration has the DNS Resolver active in resolver mode (not forwarding mode). When set this way the DNS Resolver does not need forwarding DNS servers as it will communicate directly with Root DNS servers and other authoritative DNS servers. To force the firewall to use these configured DNS servers, enable forwarding mode in the DNS Resolver or use the DNS Forwarder.
For more information on configuring the DNS Resolver, see DNS Resolver
If this firewall has a dynamic WAN type such as DHCP, PPTP or PPPoE these may be automatically assigned by the ISP and can be left blank.
- DNS Server 1-4 Gateway
In addition to their IP addresses, this page provides a way to set the gateway used to reach each DNS server. This is especially useful in a Multi-WAN scenario where, ideally, the firewall will have at least one DNS server configured per WAN. More information on DNS for Multi-WAN can be found in DNS Servers and Static Routes.
- DNS Server Override
When checked, a dynamic WAN ISP can supply DNS servers which override those set manually. To force the use of only the DNS servers configured manually, uncheck this option.
- Disable DNS Forwarder
By default, pfSense will consult the DNS Resolver or DNS Forwarder running on this firewall to resolve hostnames for itself. It does this by listing localhost (
127.0.0.1) as its first DNS server internally. Activating this option disables this behavior, forcing the firewall to use the DNS servers configured above instead of itself.
Options in this section control the firewall’s clock display and language.
Choose a geographically named zone which best matches location of this firewall, or a common zone such as UTC. The firewall clock, log entries, and other areas of the firewall base their time on this zone. Changing the zone may require a reboot to fully activate in all areas of the firewall.
- Time Servers
A Network Time Protocol (NTP) server hostname or IP address. Unless a specific NTP server is required, such as one on LAN, the best practice is to leave the Time Servers value at the default
0.pfsense.pool.ntp.org. This value will pick a random server from a pool of known-good NTP hosts.
To utilize multiple time servers, add them in the same box, separating each server by a space. For example, to use three NTP servers from the pool, enter:
0.pfsense.pool.ntp.org 1.pfsense.pool.ntp.org 2.pfsense.pool.ntp.org
This numbering is specific to how
.pool.ntp.orgoperates and ensures each address is drawn from a unique pool of NTP servers so the same server does not get used twice.
The pfSense GUI has been translated into two other languages in addition to the default English language. The alternate languages are Portuguese (Brazil) and Turkish.
Options in this section control various aspects of the GUI’s behavior.
Changing the Theme controls the look and feel of the GUI. Several themes are included in the base system, and they only make cosmetic not functional changes to the WebGUI.
- Top Navigation
This option controls the behavior of the menu bar at the top of each page. There are two possible choices:
- Scrolls with page
The default behavior. When the page is scrolled, the navigation remains at the top of the page, so when scrolling down it is no longer visible as it scrolls off the top of the window. This is the best option for most situations.
When selected, the navigation remains fixed at the top of the window, always visible and available for use. This behavior can be convenient, but on smaller screens such as tablets and mobile devices, long menus can be cut off, leaving options at the bottom unreachable.
- Hostname in Menu
When set, the firewall’s Hostname or Fully Qualified Domain Name will be included in the menu bar for reference. This can aid when maintaining multiple firewalls, making it easier to distinguish them without looking at the browser title or tab text.
- Dashboard Columns
The dashboard is limited to
2columns by default. On wider displays, more columns can be added to make better use of horizontal screen space. The maximum number of columns is
- Associated Panels Show/Hide
A few areas of the pfSense GUI contain collapsible panels with settings. These panels take up extra screen space, so they are hidden by default. For firewall administrators that use the panels frequently, this can be slow and inefficient, so the options in this group allow the panels to be shown by default instead of hidden.
- Available Widgets
Controls the Available Widgets panel on the Dashboard.
- Log Filter
Controls the log filtering () panel used for searching log entries under Status > System Logs.
- Manage Log
Controls the per-log settings in the Manage Log () panel available for each log under Status > System Logs.
- Monitoring Settings
Controls the options panel used to change the graphs at Status > Monitoring.
- Left Column Labels
When checked, the option labels in the left column are set to toggle options when clicked. This can be convenient if the firewall administrator is used to the behavior, but it can also be problematic on mobile or in cases when the behavior is unexpected.
- Dashboard Update Period
Controls the interval at which the dashboard data is updated. Many of the widgets update dynamically using AJAX. With many widgets loaded, a fast update interval can cause a high load on the firewall, depending on the hardware in use. Allowing longer time between updates would reduce the overall load.