Someone here had to set up a VPN connection using Logmein Hamachi, but kept getting timed out due to the software switching to a relay server. Remedy follows.
Like many VPN services, Logmein Hamachi likes to communicate using static ports. But by default pfSense automatically randomizes all outgoing port traffic, to reduce the risk of internal hosts being identified by outsiders.
While pfSense’s behavior is reasonable, if you need to use a VPN service like Logmein Hanachi you’re going to have to change that default behavior.
The way to do that is outlined in the pfSense wiki here.
Basically the procedure described requires going into Firewall… NAT, selecting “Manual Outbound NAT rule generation” and hitting save. Then you need to select the particular rule that needs to be set to static, for example “Auto created rule – LAN to WAN”, and hit edit. Once in the rule, check the “Static-port” box under “Translation”, and save to commit.