You're welcome. Feel free to ask if you need information in detail.
But check out the hangout videos, they are really great, providing answers to almost all potential questions

-Rico

Hi !

All well, thanks.

Look : https://forum.netgate.com/search?term=HG8245&in=posts&matchWords=all&sortBy=relevance&sortDirection=desc&showAs=posts

Google Translate ?

@vielfede said in Cron does not work specifing time:

it is a VM
[2.4.4-RELEASE][admin@pfsLazzarini.localdomain]/root/scripts: date
Fri May 8 00:09:26 CEST 2020

Being in a VM could mean the time is even worse than usual. Also you're on 2.4.4, should be on 2.4.5.

A couple other things: Make sure the Hypervisor clock is OK, and if this is ESX, (a) make sure that ESX is up-to-date and a current supported version (e.g. 6.7), (b) make sure the VM hardware support has been updated to the highest level supported by the hypervisor, (c) make sure the OS type configured in the VM settings matches the pfSense version installed, and (d) make sure that Open-VM-Tools is installed and up-to-date.

Sure (regarding ICMP) - it is not relevant here as it is not dependent on the source network - they just block it outright, I should have excluded that info as it is not important.

I did not think about that - I indeed do have a dynamic DNS host name for my IP... How could I have forgotten that! Thanks for clearing up my D'OH moment.

@kejianshi said in Took the Solar Plunge:

I didn't even look those batteries up - They came from walmart which is pretty much all I needed to know…

http://upsinverterinfo.com/exide-inva-tubular-battery-models-available-in-market.html

These also work well if you need something you can easily order from napa or auto zone:

http://www.carid.com/optima/optima-bluetop-marine-battery-4309821.html

http://www.marine.hr/webshop/eng/products/battery-exide-dual-agm-50ah-orbital-deep-cycle-18.html

But having an actual solar battery is even better:

http://www.wholesalesolar.com/products.folder/battery-folder/rolls-s550.html

Any of the batteries listed above and especially the last one will allow serious daily cycling for years. here's how a homemade solar panel works.. https://batteryforinverter.com/how-does-a-homemade-solar-panel-work/

Or...  You can buy a new bank of batteries from walmart every 6 months.

I strongly agree with kejianshi! Solar is one of the most affordable and sustainable forms of energy today! #SaveEarth

Glad you were able to post in the French section now.
I can't help there though because the only french I speak is le croissant. 😂

-Rico

Just the BIOS not the full android firmware. That's what it looks like from what I'm reading, yes.

Of course I've never tested it. And flashing the BIOS is potentially dangerous etc. 😉

Steve

@Ascrod It looks like I'm almost there. But missing some routing.
Here is my setup.

Pfsense WG config: I've hidden real keys. But still showing which keys are used where

[Interface] # Generated by pfSense Address = 10.100.100.1/24 ListenPort = 51830 DNS = 10.0.0.1 <----- Pfsense local LAN IP PrivateKey = xxxxxxxxxxxxxxxx [Peer] # phone PublicKey = cccccccccccccccccc AllowedIPs = 10.100.100.2/32 [Peer] # IPAD PublicKey = vvvvvvvvvvvvvvvvv AllowedIPs = 10.100.100.3/32

Client config of Android Phone

[Interface] Address = 10.100.100.2/32 DNS = 10.100.100.1 PrivateKey = dddddddddddddd [Peer] AllowedIPs = 0.0.0.0/0 Endpoint = my_ddns.com:51830 PersistentKeepalive = 21 PublicKey = cccccccccccccccccc

Now im not sure which and where i need to add the rule for the vpn interface. Is it under NAT and port forward from WAN to OPT4 Address? OR is it under NAT> Outbound?
Note my above config works fine if i move that to my ubuntu wireguard server and simply forward UDP port 51830 from pfsense to my ubuntu machine IP.. NOTE: For testing purpose im using the same private and public keys on my ubuntu wireguard server and this one im trying to setup on the PF box. I believe that should not be an issue? Thanks for your help

TunWG0 interface

I tried the following rule but i dont think thats correct
NAT Rule

If i tcpdump on my pfsense internet side(WAN) interface, i see constant incoming connection attempts from phone and then the pfsense reponding back to the phone from the WAN interface.
But if I trace on the TUNWG0 interface i only 1 request from 10.100.100.2(Phones vpn ip) to the pf sense WAN inteface.
This is the furthest ive been able to get now. From the pfsense and from my LAN devices, i can ping the phone's vpn ip(10.100.100.2) but thats it. I cannot ping LAN IPs, lan DNS, 8.8.8.8 etc from the phone.

What are you replying to there?

@andrealucia said in Chrome password auto-fill breaking IPv6:

This prevents the IPv6 gateway from starting. In years of running pfsense, I've never seen this behaviour.

When pfSense boots, interfaces are mounted, protocols are started, things like IPv4 and IPv6 are activated, links are build. IP's are set, masks and gateways are defined.
All this happens long before processes like a web server (nginx), that hosts the pfSense GUI, are started.

Yet the login of a user using some browser disrupts the IPv6 gateway ?
How ?

@andrealucia said in Chrome password auto-fill breaking IPv6:

Is there any other work-around?

I thought the issue was solved. It's a browser behaviour.