@fmc-ieee-org said in Kea DHCP: No leases for dynamic DHCP client: there is on going back, at least within the NetGate software control panel What is this? [image: 1705255416654-setisc.jpg]

@johnpoz yep that did it for me, just needed to allow their subnet in the ACL thank you.

@jrey Thanks so much for the help! Couldnt have done it without you! Thanks yet again!

@ahcarak yeah whenever possible I would use the built in net and address aliases.. Because those will change if you change the IP or network on an interface. Only time I would think makes sense to use a specific cidr, if wanting to do a subset of your actual network for something. Or if placing rules on transit or connector network interface and allowing for the downstream networks.

@phil80 There is an open bug already .. https://redmine.pfsense.org/issues/14991

@phil80 we can hope - the ability to do that was available in isc dhcp as well. But never implemented.. As they start adding features for the kea integration it would be nice if they add that ability. I have no current use for it.. But it a common asked about feature for dhcp.. I am hoping they do something with the logging, the logging in kea currently is not as friendly to read as isc logging.

@provels yeah the best way to access pfsense gui while remote would be via a vpn. But it openvpn, ipsec, wireguard, tailscale - or sure a ssh tunnel via say public key auth would be what ya call it a poor mans vpn ;)

@appleredwoodpancakes said in Auto-renew DHCP after outage: I set VLANs on my switch so that I only use the built-in NIC of the ThinkPad as LAN and the WAN connected to VLAN I forgot about that one. Look here : pfsense on 1 network/ethernet port PC using VLANS Way back, I actually bought that switch, so I could try the 'One NIC device' router setup. It never took the time to do it.

Hmm, that might be a little too quick. I often retest projects after a week or more. Still, you've made two helpful suggestions. I'm a little surprised others haven't experienced similar issues and frustrations. But since everything does work, a little extra scrolling is really just a first world problem.

or a NAT for the port 53 to 10.1 that's what i use for iot stuff with 8.8.8.8 hard coded inside ....

Hi @viragomann! It is in router mode, and I couldn't find how to configure or enable the DHCP relay in my router.

@johnpoz Unfortunately I have far too little knowledge of the whole system and at the moment I don't have any time at all to familiarize myself with the matter. I have reinstalled arpwatch again and observed the protocol. It runs cleanly for me. But maybe it has something to do with the fact that I recently installed pfSense 2.7.2 and the missing/incorrect certificates are therefore correct? >>> Upgrading pfSense-pkg-arpwatch... Updating pfSense-core repository catalogue... Fetching meta.conf: Fetching packagesite.pkg: pfSense-core repository is up to date. Updating pfSense repository catalogue... Fetching meta.conf: Fetching packagesite.pkg: pfSense repository is up to date. All repositories are up to date. Checking integrity... done (0 conflicting) The following 1 package(s) will be affected (of 0 checked): Installed packages to be REINSTALLED: pfSense-pkg-arpwatch-0.2.1 [pfSense] Number of packages to be reinstalled: 1 [1/1] Reinstalling pfSense-pkg-arpwatch-0.2.1... [1/1] Extracting pfSense-pkg-arpwatch-0.2.1: ......... done Removing arpwatch components... Menu items... done. Services... done. Loading package instructions... Deinstall commands... done. Saving updated package information... overwrite! Loading package configuration... done. Configuring package components... Loading package instructions... Custom commands... Executing custom_php_install_command()...done. Executing custom_php_resync_config_command()...done. Menu items... done. Services... done. Writing configuration... done. >>> Cleaning up cache... done. Success

@juanzelli Glad to hear it. We're in very active development and release weekly, so if something is not right - let us know.