Had a frustrating problem of being able to ping the internet by name and by ip address but could not browse any website. My virtual pc was on a network protected by a PFSense firewall. Both the pc and the PFSense server were running as virtual machines on Xenserver.

pfsense logo

The firewall was connected to two interfaces. One LAN interface and one WAN interface (this one connected to the outside world. I had the latest version available at the time.

pfsense version info
pfsense version information

After further research I found some suggested fixes but none of them worked until I came across the information below.

When pfsense runs as a vm on Proxmox, Vmware and apparently Xensever you must make the below changes to “Disable hardware checksum offload”, “Disable hardware TCP segmentation offload” and “Disable hardware large receive offload”

Im my case the second and third items where already disabled but I did have to manually disable Hardware Checksum Offloading.

To disable this the setting is located on the pfsense menu. Go to SYSTEM then ADVANCED then NETWORKING. Check the boxes to disable the settings as in the screen shot below.

pfsense network settings
Disable Hardware Checksum Offloading

Reboot the pfsense firewall after making these changes. When the system came back up I was then able to browse the internet again from behind the firewall.

There may be other ways to fix this issue but “IT Fixed it for me” Please post any comments below.