Would you like to learn how to do monitor PFsense using Zabbix? In this tutorial, we are going to show you how to install and configure the Zabbix agent software on a computer running PFsense and how to monitor a PFsense firewall using the Zabbix server.

• Zabbix server 4.2.6
• Pfsense 2.4.4-p3

Equipment list

Here you can find the list of equipment used to create this tutorial.

This link will also show the software list used to create this tutorial.

Zabbix Playlist:

On this page, we offer quick access to a list of videos related to Zabbix installation.

Don't forget to subscribe to our youtube channel named FKIT.

PFSense - Zabbix Agent Installation

First, we need to install the Zabbix agent on the PFsense server.

Open a browser software, enter the IP address of your Pfsense firewall and access web interface.

In our example, the following URL was entered in the Browser:


The Pfsense web interface should be presented.

Pfsense login

On the prompt screen, enter the Pfsense Default Password login information.

• Username: admin
• Password: pfsense

After a successful login, you will be sent to the Pfsense Dashboard.

Pfsense dashboard

Access the Pfsense System menu and select the Package manager option.

pfsense package manager menu

On the package manager screen, access the Available packages tab.

On the Available packages tab, search for zabbix-agent and install the Zabbix agent package.

There are multiple agent versions available, make sure you select the same version of your Zabbix server.

pfsense zabbix install

In our example, we have a Zabbix server version 4.2.6.

In our example, we installed the Zabbix agent package named: zabbix-agent42

Wait the Zabbix agent installation to finish.

Access the Pfsense Services menu and select the Zabbix Agent option.

Pfsense configure zabbix agent

On the General tab, enable the Zabbix agent service and perform the following configuration:

• Server - The IP address of the Zabbix server
• ServerActive - The IP address of the Zabbix server
• Hostname - The hostname of the PFsense firewall
• Listen IP - Use to listen on All IP addresses
• Listen Port - Zabbix agent default port 10050

pfsense zabbix agent configuration

On the TLS-RELATED Parameters area, you need to perform the following configuration:

• TLS Connect - PSK
• TLS Accept - PSK
• TLS PSK IDENTITY - key-pfsense-01
• TLS PSK - fb6616cd582a2fa0aa161cab3423a9ca640c931b21c8c2e3b7132d6db75aadff (Create your own key)

pfsense zabbix encryption

If you need help to create a PSK key, you may use websites like: https://www.browserling.com/tools/random-hex

After finishing the configuration, click on the Save button on the bottom part of the screen.

In our example, we used the following configuration:

• The Zabbix server has the IP address:
• The PFSense firewall has the IP address:
• The Pfsense firewall hostname is: PFSENSE-FIREWALL
• The PSK Identification key was named: key-pfsense-01
• The communication will be encrypted using the following key: fb6616cd582a2fa0aa161cab3423a9ca640c931b21c8c2e3b7132d6db75aadff

You have successfully installed the PFsense Zabbix agent.

PFSense - Firewall Configuration

By default, the PFsense firewall does not allow external Zabbix connections to the WAN interface.

In our example we are going to create a firewall rule to allow the Zabbix communication.

Access the Pfsense Firewall menu and select the Rules option.

pfsense firewall rule menu

Click on the Add button to add a rule to the Top of the list.

pfsense add firewall rule

On the Firewall rule creation screen, perform the following configuration:

• Action - Pass
• Interface - WAN
• Address family - IPV4
• Protocol - TCP

Pfsense firewall zabbix

On the Source configuration screen, you need to define the Zabbix server IP address.

This IP address should be allowed to communicate with the Zabbix agent installed on the Pfsense firewall.

In our example, only the computer using the IP address will be able to communicate with the PFsense Zabbix agent.

pfsense snmp firewall source

On the Firewall destination screen, perform the following configuration:

• Destination - Wan address
• Destination port range- From (Other) 10050  to (Other) 10050

pfsenze firewall zabbix port

On the Firewall Extra options screen, you may enter a description to the firewall rule.

Click on the Save button, you will be sent back to the Firewall configuration screen.

Now, you need to reload the firewall rules to apply the Zabbix communication firewall rule.

Click on the Apply changes button to reload the firewall configuration.

Pfsense apply firewall rule

You have finished the PFsense firewall configuration to allow the Zabbix server communication using the WAN interface.

PFSense - Testing the Zabbix agent configuration

To test the Pfsense Zabbix agent configuration, access the command-line of your Zabbix server.

First, we need to create a file containing the PSK key to encrypt the communication.

Create a temporary PSK key file on the Zabbix server.

Insert the PSK Key previously defined inside this file.

Copy to Clipboard

Use the following command to test the communication between the Zabbix server and the Zabbix agent.

If everything worked, the Zabbix agent should report the agent version installed on the Pfsense server.

Copy to Clipboard

Keep in mind that you need to change the Zabbix agent IP address, the PSK identification name and the PSK key value to reflect your environment.

You have successfully performed a communication test between the Zabbix server and the Zabbix agent installed on the Pfsense firewall.

Congratulations! you have installed the Zabbix agent on a computer running Pfsense.

You can now use the Zabbix server dashboard to add this computer to the network monitoring service.

Tutorial Zabbix - Monitoring PFSense

Now, we need to access the Zabbix server dashboard and add the Pfsense server as a Host.

Open your browser and enter the IP address of your web server plus /zabbix.

In our example, the following URL was entered in the Browser:


On the login screen, use the default username and default password.

• Default Username: Admin
• Default Password: zabbix

zabbix login

After a successful login, you will be sent to the Zabbix Dashboard.

zabbix dashboard

On the dashboard screen, access the Configuration menu and select the Host option.

zabbix add host

On the top right of the screen, click on the Create host button.

Zabbix Create Host

On the Host configuration screen, you will have to enter the following information:

• Host Name - Enter a Hostname to identify the PFSense server.
• Visible Hostname - Repeat the hostname.
• New group - Enter a name to identify a group of similar devices.
• Agent Interface - Enter the IP address of the PFsesne server.

Here is the original image, before our configuration.

zabbix linux - Antes

Here is the new image with our configuration.

Zabbix Pfsense monitoring

Next, we need to associate the host with a specific network monitor template.

By default, Zabbix comes with a large variety of monitoring templates.

Access the Templates tab on the top of the screen.

Click on the Select button and locate the template named: Template OS FreeBSD

Click on the Add option (1).

zabbix template monitor pfsense

Next, we need to encrypt the communication between the Zabbix server and the PFsense firewall.

Access the Encryption tab on the top of the screen and perform the following configuration:

• Connectios to host - PSK
• Connections from host - PSK
• PSK identity - key-pfsense-01
• PSK - fb6616cd582a2fa0aa161cab3423a9ca640c931b21c8c2e3b7132d6db75aadff

Click on the Add button to finish the configuration.

zabbix pfsense encryption

After a few minutes, you will be able to see the initial result on the Zabbix Dashboard.

The final result will take at least one hour.

By default, Zabbix will wait 1 hour to discover the number of interfaces available on the Pfsense server.

By default, Zabbix will wait 1 hour before collect information from the network interfaces.

In order to test your configuration, access the Monitoring menu and click on the Graphs option.

Zabbix graphic

On the top right of the screen, select the group named ALL.

Select your PFSense computer host name.

Select the graph named: CPU UTILIZATION

Pfsense zabbix monitor cpu

You should be able to see the graphic of CPU utilization.

Zabbix Pfsense monitoring processor

Congratulations! You have configured the Zabbix server to monitor a Pfsense computer.