Categories

• TNSR

  Discussions about TNSR

  • TNSR Announcements
  • TNSR Feedback
  • Problems Installing or Upgrading TNSR Software
  459 Topics

  1k Posts

  D

  Hi @Tyronejackson839, Thanks for the awesome advice! Your ACL tips worked perfectly—enabling fragment-checking and lean rules secured my nginx webserver without sacrificing performance. Really appreciate your detailed help! Best, David James | Founder of The Yes No Button!
• pfSense® Software

  Discussions about pfSense Software, click a category below

  • Messages from the pfSense Team
  • General pfSense Questions
  • Multi-Instance Management
  • Problems Installing or Upgrading pfSense Software
  • Firewalling
  • NAT
  • HA/CARP/VIPs
  • L2/Switching/VLANs
  • Routing and Multi WAN
  • Traffic Shaping
  • DHCP and DNS
  • IPv6
  • IPsec
  • OpenVPN
  • Captive Portal
  • webGUI
  • Wireless
  • SNMP
  • Documentation
  • Development
  • Gaming
  • Virtualization
  • Hardware
  • Bounties
  • Retired
  120k Topics

  765k Posts

  F

  Hi all, I am running a pfSense on an old Fujitsu ThinClient with an AMD GX-415GA SOC, 4GB RAM, the onboard Realtak 1Gbit/s NIC for WAN and an additional 2Port Intel NIC for LAN. It has been running fine for 3 years, with continious updates etc. Last weekend the system was showing some problems, no DHCP adresses were assigned anymore and DNS was also not working. A reboot attempt was unsuccesfull and the system was not booting anymore. After a short check I diagnosed that the OS disk has been broken down. For a quick solution I plugged in an USB NVMe I had laying arround and reinstalled pfSense 2.7.2, loaded my backup config and directly updated to 2.8.0. Worked fine for half a day than sudden crashes started to occur. The system suddenly crashes, than DHCP, SSH and WebUI is not longer working. Rebooting solves this issue. I have not been able to figure out the problem so after some issues I decided to go back to 2.7.2 as it was working stable for month. Did this yesterday and still the system crashed last night with the same issues. I now have no ideas what to check. Do you haver any clue what the issue could be. Is a USB NVMe a problem? Thank you and best Florian
• pfSense Packages

  Discussions about pfSense software packages

  • Cache/Proxy
  • IDS/IPS
  • Traffic Monitoring
  • pfBlockerNG
  • UPS Tools
  • ACME
  • FRR
  • Tailscale
  • WireGuard
  20k Topics

  128k Posts

  T

  This still seems to be an issue, and makes the Tailscale client unreliable. I have 4 nodes down now with expiry disabled, after some unknown time, and then a router reboot they can no longer authenticate. Error executing command (/usr/local/bin/tailscale status) # Health check: # - not logged in, last login error=invalid key: API key does not exist unexpected state: NoState From the CLI I can run tailscale login, and it re-authenticates the same node, I can tailscale down + up and it connects fine, status on the webpage looks good, but if I reboot or restart the Tailscale service in the webpage it can no longer connect again with the same error needing to login again. The only way to make it work reliably is to clear the config, delete the node and reconnect as a new node. Pfsense 2.7.2, Tailscale package 0.1.4
• pfSense International Support

  Discuss pfSense in other languages

  • Chinese
  • Deutsch
  • Español
  • Français
  • Indonesian
  • Italiano
  • Russian
  • Nederlands
  • Norwegian
  • Portuguese
  • Polish
  • Romanian
  • Swedish
  • Turkish
  43k Topics

  267k Posts

  V

  @gtrdriver Hallo, auf A braucht das erst mal die Route zu B (VPN Gateway). Dazu musst du erst der VPN Instanz ein Interface zuweisen. Damit erhältst du auch ein Gateway, auf das geroutet werden kann. Das Routing sollte wohl mit einer Policy-Routing Firewall Regel gemacht werden. Hier kannst du bspw. den Traffic eine bestimmten Quelle oder zu einem bestimmten Ziel (im Alias definiert) oder beides routen. In den Advanced Options der Regel kann das Gateway angegeben werden. Die Regel muss ganz nach oben geschoben werden, damit sie vor andren zutrifft, die ausgehenden Traffic erlauben. Auf B brauchst du eine Outbound NAT Regel am WAN für die Quelle-IP (od. bspw. das A LAN Subnetz). Dafür muss du den Hybriden Mode aktivieren. Grüße
• Official Netgate® Hardware

  Information about hardware available from Netgate
  3k Topics

  20k Posts

  S

  Hmm, not really a significant number there. Nothing that would cause throttling to that extent. What about the PPPoE parent interface? Which I assume is ix0? Try: netstat -i and ifconfig -v ix0
• Netgate Announcements

  Information about hardware available from Netgate
  44 Topics

  211 Posts

  A

  It looks like unified web management could be coming soon. It would be great if it means easier control and management of all web services in one place. Let's see if any companies announce more details about it!
• Off-Topic & Non-Support Discussion

  Feel free to talk about anything and everything here

  • Forum Feedback
  • Community Job Board
  3k Topics

  19k Posts

  S

  What? This smells like spam now!