Thanks! Must be setup costs for such small pieces of data. For some reason I find this info difficult to search for. I get lots of other crap.

Congratulations.

@johnpoz: This remote site is how far away connected how? The existing network was at the time it was built the largest private VOIP type network in the world.  Its radio audio so one way at a time generally. Latency is not as big an issue as two way audio would be. Makes use of microwave, fiber and even some t-1's thrown in for good measure. The new proposed equipment was said to be unable to span subnets but Ive since found a document that says otherwise. So this is a non issue. But it does raise my eyebrows about the quality of people we were sent.. :o

@Jailer: @heper: installing it manually can brake your system @justaskingonly In case you missed it the first time…........ I know but I'm still trying.

This? https://forum.pfsense.org/index.php?topic=126200.0

Convince FreeBSD to include a different syslog distribution in the base system, then we'll talk. We use what they use. :-) You can use the syslog-ng package if you want so you are not limited to what's in the base system. It's too late for such a change in 2.4, maybe 2.5, not sure what will be in that role for 3.0 but it's still early there. We've already been talking about dropping clog in favor of sensible log rotation and retention since space constraints are not what they used to be in the past, even with RAM disks since most systems have more RAM available. Once we remove the clog-style log requirement then it frees up a lot of options like using syslog-ng in base.

And what mode are you using with your anyconnect TLS, DTLS, ipsec/IKEv2 ?? By default 500 is static, so you want to add 4500 UDP as also static outbound nat?  Are you trying to vpn in or out to an anyconnect? "I also want to be able to connect via Cisco AnyConnect. " After you mention that your using ipsec and openvpn, that you also want to be able to connect to pfsense vpn with anyconnect?

I wasn't measuring bandwidth but user experience latency. Stupid fast!

@hongkonger: i cant even go into bios.. This is the main problem the above people are suggesting it is not related to pfsense  :)

@bilbo: Is it possible to securely access the cameras via the vpn server, blocking outbound over the normal wan gateway or is that still to much of a risk? Thats how i did it. 12 Hikvision IP cams connected to a Hikvision POE NVR. The NVE is connected direct to its own interface on my pfSense appliance with all outbound blocked (as well as access to/from any of the other interfaces). I VPN in to the network to view the live feeds when needed… FYI the industry is starting to wake up. http://z-wavealliance.org/mandatory-security-implementation-z-wave-certified-iot-devices-takes-effect-today/

@uenal10: The Hyperlink for the Package in the installation Guide for the Puppet Agent is Down. I need a Puppet Agent on my pfSense for my Project. Can anyone Upload a new Package? If your looking for remote monitoring and administration of pfsense, you might try this: https://forum.pfsense.org/index.php?topic=120972.0

Ah the wording on the amazon page was a bit hazy..  But from the spec site it does show both https://www.zyxel.com/products_services/8-10-16-24-48-port-GbE-Smart-Managed-Switch-GS1900-Series/ IEEE 802.3af PoE (GS1900-8HP/10HP/24HP/48HP) IEEE 802.3at PoE plus (GS1900-8HP/10HP/24HP/48HP) But on the amazon site it just says High-power PoE+ support IEEE 802.3at (70W Budget) Looks like a pretty good choice.. Have fun with it!!!

@seanmcb: Is/was AMT enabled by default on any of the hardware sold at the pfsense/netgate store? https://www.reddit.com/r/PFSENSE/comments/68opmm/are_any_of_the_pfsense_appliances_vulnerable_to/

It's progress! Wake me when they remove the FTP client though.  :D

I did read that they were used as source in the original attack.  Why would your AP or any other unifi device directly exposed to the internet… Here is a unifi forum thread that exactly about what you stated https://community.ubnt.com/t5/UniFi-Routing-Switching/BrickerBot/td-p/1890896

My new Nextcloud, my next Newcloud… it's all the same  ;D If you like ownCloud, you will love Nextcloud.  They even let you change the theme easily.  The default blue cloud thingy was ugly.