@michmoor said in who will offer free bgp transit and peering to me?: @yon-0 You mean IPsec with BGP? And you policy route over the vpn tunnel to me and I route you out my internet? use gre sit wiregaurd openvpn all is ok. peering or transit. where are your network point.?

Hey everyone, Ty for your input...question answered. :)

@bmeeks Thank you so much for your belief in my capabilities. But I just don't have the time or skills needed to start from scratch to learn all that. The UI section could probably to some extent be cloned from the EAP psk UI section, but that would be TERRIBLE design as you could then input IP pools in two places. So if this should be done there should be a change in the UI where the IP pool section is removed from the PEAP psk UI, and instead made into its own IP pool UI where you can enter the IP pool details and Groups (pool) name. The PEAP psk should then have a selector to select which pool name (groups) to attach any PEAP psk ID to. I have accepted it will likely never be a part of pfSense's capabilities, and I have started to deploy non-netgate/pfsense devices at customers now. The final toll on Netgate when I'm done will be a loss of about 50 SG-xxxx devices in sale, but the real problem is actually that I'm starting to recommend another product to customers going forward because I cannot honestly recommend pfSense for companies that needs mobile user VPN. I still love my pfSense for homeuse so It's not like I have lost faith completely ;-)

Good to see interest in said topic!!! Here using an external GPS antenna to home antenna mounted on a satellite dish these days. A graphical display would be a nice add. Here ran the old Windows GPS apps on Linux using PlayonLinux and it worked well.

@JonathanLee ah Those were the days

@SteveITS - Makes total sense! Thanks for pointing me in the right direction!

Does this PPSK function tie into free radius at all on PF? I have an omaada EAP670, configured without the controller (single ap). Using the controller is overkill for my needs. Was hoping to somehow configure the AP to let PF handle the PPSK/vlan assignments. The omada controller does have ability to handle it as per these documents. https://www.tp-link.com/us/support/faq/3152/ https://community.tp-link.com/en/business/forum/topic/620762 Not entirely clear from https://www.tp-link.com/ae/support/faq/2051/ if the PPSK function will continue functioning if the controller is shut down.

@Lace said in NetGate pfSense vs well versed CyberStalker: He is truly an elite hacker, Wrong...nothing elite about a common thief...he's a criminal... @Lace said in NetGate pfSense vs well versed CyberStalker: I knew my attacker personally, Know thyself and you won't hang out with bad company. I want you to understand that it takes time to learn and properly configure pfSense...it's not something you just plug in and forget...managing a network, be it a small home network, is still a lot of work. I am picking on you for allowing a highly secure and expensive device to become worthless. The first thing to do when one buys a computer is not put one's name on it until one learns safe computing. Good luck...almost every three months we see post like this...

@Octopuss said in My network is overcomplicated mess, what shall I do to simplify it?: So helpful. Wow. I am telling where's best to post your issues instead of Off-Topic & Non-Support for next time if your issue isn't resolved.

@netboy Could be. Check status/interfaces for link speed and full duplex, and change patch cables.

@stephenw10 said in RIPE Atlas: I'd probably post in development. There are a few people who have pfSense build environments. I'm not one of them. So, I just trying to post here, in “Off-topic…”

Moved this to off-topic as it's not a pfSense related issue.

@Myworld555 it was the best phone ever. Now I miss it again. I just recycled it. I was able to get my photos off, that is all I wanted. My network settings only showed WiFi info that’s it, mine was the pre plus wife’s the pixie. I hope HP brings it back one day, that phone had everything, wireless changing, WiFi, swappable multi card windows, apps, google maps. It was expensive to have them over $250 a month back in the day, I hate Verizon. When HP pulled that whole update thing and broke our phones I was pissed off for months. They even corrupted my wife’s profile, they even had cloud backup. I had the Palm IIX, Tungsten, Treo 750, Centro, and finally the PRE. The Treo was cool too. I had every single blackberry from the RIM black and white one to the metal one too. Palm Pre was the best, I could not believe HP got away with phone killing updates, well it seemed that’s what they did to them.

@mikeinnyc Interesting for sure...thank you for sharing.

@chpalmer still history. ¯_(ツ)_/¯

What methods use to determine or a timer to fall back really doesn't matter.. At some point your going to have a bad experience if you point a client to more than 1 NS that can respond differently.. Be that with not knowing anything about what your asking about, a local domain for example or if there is any filtering being done or not, etc.. where your answer might or might not be filtered depending on what NS you asked. If your going to point your client to more than 1 NS they should answer the same.. Any of them should be able to resolve your local domain, or if external they should all either filter (the same) or not filter.. This really isn't anything new, this has been how it as been since like dns has even been a thing.. And yeah still to this day I see admin's configuring their dns for a client that could be problematic.. They might get lucky, they might not - but its bad practice in my 30 some years experience in the biz to point to multiple NS that might respond not exactly how you want.. if you ask google dns for something host.home.arpa for example - its going to return NX, and when it does your client won't ask anyone else.. ; <<>> DiG 9.16.45 <<>> @8.8.8.8 www.home.arpa ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26063 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;www.home.arpa. IN A ;; AUTHORITY SECTION: home.arpa. 1800 IN SOA prisoner.iana.org. hostmaster.root-servers.org. 1 604800 60 604800 604800 ;; Query time: 77 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Wed Jan 03 15:36:50 Central Standard Time 2024 ;; MSG SIZE rcvd: 119 And or maybe it returns the wrong IP because you were using a public domain locally.. And if suppose to be filtered, and asked 8.8.8.8 vs 1.1.1.1 for example and its not - your going to have a bad day.. Can be even worse if your forwarding from some common local dns that multiples use, and it happens to query some upstream NS that doesn't filter, and now all your clients can access this site because your local NS cached it.