Subcategories

  • Discussions and feedback related to this forum

    607 Topics
    3k Posts
    johnpozJ

    @microserfs and what IP was that - clearly your current IPv6 address is not block that I show you connected with.. And the only other IPv4 I see you using is not blocked.. You would have to let me know what IP you were coming from that was blocked.. Send it to me via PM if you don't want to make it public.

  • Community Hiring and For Hire postings related to jobs that require pfSense software skills

    27 Topics
    114 Posts
    w0wW

    @sef1414
    Name it "run.sh", copy to pf and chmod according documentation
    https://docs.netgate.com/pfsense/en/latest/development/boot-commands.html#shell-script-option
    You will see messages in the system log like those quoted in the script after logger command.

  • Free Network diagram drawing tool for Win,MAC or Linux.

    Pinned until 10/1/25, 12:00 AM
    20
    8 Votes
    20 Posts
    14k Views
    Sergei_ShablovskyS

    @krishcomment said in Free Network diagram drawing tool for Win,MAC or Linux.:

    HI, @Sergei_Shablovsky
    Thanks. I would like to address some concerns which you have raised here.

    Regarding the shape libraries, Creately does support AWS, Cisco, GCP, Azure, and Kubernetes shapes, which can be accessed via a dedicated account.

    Most of network diagramming tools that I have been testing on a real use cases may be divided on 2(two) main groups:

    With ability to take attention to interface type, port speed, etc.- trying to simulate packet flow. Mostly there are hi-priced, proprietary, and with shrinked library of device’s models and in addition the ugly UI/UX interface solutions.

    The shapes drawings vector editors, with full toolset (like layers, smart layers, smart groups) and rich abilities to manipulate with graphic’s objects. Polished UI/UX (especially on Apple macOS) and rich import/export features, that give ability to import any drawings from equipment/appliances manufacturer. (Most of enterprise-level manufacturers already have drawings in .ai, .svg or other vector formats).

    With the trial version, these libraries aren't available, but once you have a full account, you'll be able to access them. I can also provide screenshots of these shape libraries for reference.

    Please give us several screenshots.

    On security, Creately is ISO 27001 and SOC2 certified, ensuring high standards of data protection. Some of our key users include the Australian government, Dubai government, NASA, and Netflix, all of whom trust Creately's enterprise-grade security. We also offer on-premise deployment options for organizations with strict security requirements.

    We all see that each day some private data leaking from cloud services. Especially in Enterprise world.

    I am strongly stay at point that so important, CRITICAL DOCUMENTS like network infrastructure schemes - have a MUCH BETTER SAFETY LEVEL when create, store and edit in INSIDE PERIMETER of organisation. Because a lot of abilities of internal security, both from physical to digital.

    Lastly, the cloud-based nature of Creately allows for real-time collaboration and scalability, making it a powerful tool for corporate users working across distributed teams. While standalone apps have their strengths, Creately's collaborative features enhance efficiency in fast-paced environments.

    Sounds like ADs. ;)

  • This category is not for pfSense support!

    Pinned Locked
    1
    1 Votes
    1 Posts
    4k Views
    No one has replied
  • Join Netgate / pfSense on Slack

    Pinned Locked
    1
    1 Votes
    1 Posts
    9k Views
    No one has replied
  • [ Show your pfSenses! ] - Thread - (bandwidth warning!)

    Pinned
    166
    0 Votes
    166 Posts
    151k Views
    N

    Reseau.jpg
    87355faf-ac9e-4b32-b945-e0e4e80f2644-image.png

    Network

    APC Back UPS ES500 Cable Modem | 100 / 30 Supermicro X10SBA (J1900) w/ 8GB RAM, 30 GB SSD (pfSense) TP-Link SG1016DE smart switch TP-Link Archer C7v2 WAP Cisco SPA112 ATA (not visible) Lutron Caséta Downstairs in the condo locker APC XS1500 UPS TP-Link SG105E smart switch Dell T610 30m away in the garage another ArcherC7v2

    The chassis is an Akasa Euler meant specifically for Supermicro A1SAi/A1SRi. I was naive to think the block heatsink would fit the X10SBA. It does not. It was bought to build an HTPC.

    I hoped to find a compatible mobo at a decent price but those two models are vere expensive. The box is open since the SOC relies on its OEM heatsink instead of the massive block of the Euler.

    TV

    A complete coax set for paid service A complete coax set for ATSC
  • Internet Connection Required On New Installations

    8
    0 Votes
    8 Posts
    372 Views
    P

    From my perspective the issue is the scope for a users contingency planning on pfsense router failure (initially of unknown cause). Netgate's current device locked licensing and lack of an off line installer doubles the cost of ownership and significantly reduces pfsense functionality. It is the reason I have not purchased plus licences.

    My contingency planning is focussed on rapid restoration of service with minimum dependences, limited technical complexity, and a short time. Doing so involves the ability to swap out a failed physical system and replace it with another. First line using a box with pfsense pre-installed. Second line with my locally stored copy of pfsense installation media. The installation media has to work within my system without a functional router, for which an off line installer is most reliable. An online installer which uses that sites pfsense configuration may work but at best introduces higher risk in a contingency plan.

    To achieve this economically I run pfsense on third party hardware which also does other roles. I have multiple physical devices performing tasks of varying importance (set top box for each TV, router a several sites). As well as each device running
    running multiple virtual machines for other functions (PABX, Unifi controller, surveillance cameras etc). The overall effect is all hardware is utilised but relatively spare hardware can be rapidly commandeered if required.

    For this to work with pfsense plus I need to be able to install pfsense on multiple virtual machines and transfer a licence from a failed to a replacement device if required. Ideally by entering registration details in the replacement hardware (which would warns doing so inactivates the prior registration) or doing the same via a Netgate portal. Either of which implies such a transferable pfsense plus licensed device regularly checks licence validity with a Netgate server (making a transferable licence incompatible with a pfsense installation without online access to the Netgate licence server).

    I'm not sure how large the market is for off line Netgate routers. Such an installation would require a non trivial protocol to update pfsense software, which even on Netgate hardware would not be simple. With an off line installer including all patches was available, this could be taken into the secure environment and used to re-install / update pfsense. My understanding there has never been an off line installer with all patches (or packages) as such I suspect software update would require secure erasing the pfsense disk, physically moving the hardware out side of the secured environment, programming it with current pfsense software, returning it to the secure environment, import the sites pfsense configuration file. Not something done frequently and probably not a large market but I could be wrong.

    Similarly my use case is probably also a small market, however I suspect the market for economic contingency planning is much broader. As such many users are likely to benefit from the licence transferability and off line installation options which maybe possible it a monitored plus licence option was offered.

  • Home Lab - How to configure

    Moved
    4
    0 Votes
    4 Posts
    159 Views
    stephenw10S

    I don't know how Truenas would set that up but in Proxmox you could add an address to the bridge and use that to access Proxmox. It could be dhcp or static. I would probably leave it as dhcp and set a static dhcp lease in pfSense so it always get the same IP address.

    Just to be clear though that is config in Proxmox it is not a bridge in pfSense.

  • This topic is deleted!

    1
    0 Votes
    1 Posts
    7 Views
    No one has replied
  • PFSense -- Point me in the right direction

    9
    0 Votes
    9 Posts
    1k Views
    L

    @Wylbur Thank you!

  • This topic is deleted!

    1
    0 Votes
    1 Posts
    19 Views
    No one has replied
  • This topic is deleted!

    1
    0 Votes
    1 Posts
    6 Views
    No one has replied
  • Accessing MOCA Adapter Admin Page

    9
    0 Votes
    9 Posts
    928 Views
    cwagzC

    I know you said this wasn't your problem, but I had mine all set up with static reservations in DHCP and had modified them to use DHCP assignments. I was able to periodically log in and check their connection strength and whatnot without issue. At some point I needed to do a firmware update and noticed they would no longer respond to ping or bring up the webgui at the statically assigned IP. This was after switching to KEA DHCP. I had to connect to each one individually with a laptop, reset it, and flash the firmware. I then decided to set them back to DHCP and they disappeared into the void again. I haven't been able to connect to them since but assume they will be back at some point once something gets ironed out in KEA.

  • script to back up pfsense config to github

    8
    3 Votes
    8 Posts
    1k Views
    L

    @tgl You're absolutely right. Hardcoding the password (and especially pushing it to a repo, even a private one) was a poor decision. That part was initially just for testing, and I forgot to replace it before pushing.

  • Just a simple, informative network utility from Y2K

    4
    1 Votes
    4 Posts
    768 Views
  • Install Bash pfSense

    8
    0 Votes
    8 Posts
    9k Views
    O

    Fast forward 9 years... the FreeRADIUS package includes bash as a dependency. So simply install FreeRADIUS

  • Poor cable modem internet service

    15
    0 Votes
    15 Posts
    2k Views
    L

    @tedquade Oh, great news! Thank you for the update, Ted.

  • Boot Environment in pfSense CE

    4
    0 Votes
    4 Posts
    605 Views
    andrzejlsA

    @LukasInCloud
    I run pfSense+ as my firewall and, yes, I create new BE copy after every major change and switch to it as WIP. I also have a computer running FreeBSD 14.2 with KDE Plasma 6 DE. I create new BE copy in CLI.

  • Voice over IP (VOIP) services are changing router design.

    17
    0 Votes
    17 Posts
    2k Views
    D

    @voxmagna1 Something else that may help: Firewall Optimization Options

  • This topic is deleted!

    1
    0 Votes
    1 Posts
    3 Views
    No one has replied
  • This topic is deleted!

    2
    0 Votes
    2 Posts
    2 Views
    No one has replied
  • Network Upgrade and Rack cleanup

    11
    12 Votes
    11 Posts
    1k Views
    stephenw10S

    Nice! 👍

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.