@bilbo:

Is it possible to securely access the cameras via the vpn server, blocking outbound over the normal wan gateway or is that still to much of a risk?

Thats how i did it. 12 Hikvision IP cams connected to a Hikvision POE NVR. The NVE is connected direct to its own interface on my pfSense appliance with all outbound blocked (as well as access to/from any of the other interfaces). I VPN in to the network to view the live feeds when needed…

FYI the industry is starting to wake up.

http://z-wavealliance.org/mandatory-security-implementation-z-wave-certified-iot-devices-takes-effect-today/

@uenal10:

The Hyperlink for the Package in the installation Guide for the Puppet Agent is Down. I need a Puppet Agent on my pfSense for my Project. Can anyone Upload a new Package?

If your looking for remote monitoring and administration of pfsense, you might try this:
https://forum.pfsense.org/index.php?topic=120972.0

Ah the wording on the amazon page was a bit hazy..  But from the spec site it does show both
https://www.zyxel.com/products_services/8-10-16-24-48-port-GbE-Smart-Managed-Switch-GS1900-Series/
IEEE 802.3af PoE (GS1900-8HP/10HP/24HP/48HP)
IEEE 802.3at PoE plus (GS1900-8HP/10HP/24HP/48HP)

But on the amazon site it just says
High-power PoE+ support IEEE 802.3at (70W Budget)

Looks like a pretty good choice.. Have fun with it!!!

@seanmcb:

Is/was AMT enabled by default on any of the hardware sold at the pfsense/netgate store?

https://www.reddit.com/r/PFSENSE/comments/68opmm/are_any_of_the_pfsense_appliances_vulnerable_to/

It's progress!

Wake me when they remove the FTP client though.  :D

I did read that they were used as source in the original attack.  Why would your AP or any other unifi device directly exposed to the internet…

Here is a unifi forum thread that exactly about what you stated
https://community.ubnt.com/t5/UniFi-Routing-Switching/BrickerBot/td-p/1890896

My new Nextcloud, my next Newcloud… it's all the same  ;D

If you like ownCloud, you will love Nextcloud.  They even let you change the theme easily.  The default blue cloud thingy was ugly.

This is a General Discussion forum. You're more likely to get help if you post in one of the many Support forums that you scrolled past to get here.  Perhaps try Installation and Upgrades or General Questions.

All of the above prices are for business class dedicated connections with dedicated bandwidth. There is no SLA, but they do make a good best effort. In addition, I can purchase many /29s for $10/month on any of those packages.

Their connections are also over GPON, but they promise to not oversubscribe the ports. They actively claim that their edge and core network can handle all customers at 100% of their provisioned rates.

OMG…
Found the cause...

I had LZ4 enabled on both ends. Disabled and things fly like normal...
OK, OK...
Reenabled, rebooted everything, problem again.
Disabled and rebooted again and things are back to normal.

WTF?

Hmm, yeah it pretty much doesn't work like that. Unless maybe the upstream provider is artificially limiting you to 4Mbps per IP address in that subnet but allowing you to use multiple IPs.  Like they expect you to be using multiple clients in that subnet for example.

You still can't combine those IPs to one one link of multiples of 4Mbps but if you have a number of things making connections thought pfSense you could NAT them to a range of IPs on the WAN to get 4Mbps per connection.

Steve

I love this but I do have a questions.

This works great on our local network, but we have VPN's setup to other pfsense routers when i try to back them up I get this.

pfSense Backup Tool v2.4.1 by Koen Zomers

Connecting using protocol version 2.3
Authenticating
Requesting backup file
Retrieving backup file
No valid backup contents returned

This is what I ran and the IP is going over ipsec VPN

I:\pfsense\pfSenseBackup\pfSenseBackup2.4.1.exe -u admin -p removed -s 192.168.50.1 -v 2.3 -o I:\pfsense\backups\kron\

I can access the IP via SSH and http over our VPN but the backup fails with "No valid backup contents returned" never seen this but never tried to backup over the PVN before.

EDIT I also tried v2.4.2 and we are on pfsense 2.3.3-RELEASE-p1

EDIT Number2: Never mind I found it in the readme go figure.

2.4.2 - released February 22, 2017 - download - 10 kb

There was a minor modification to the backup page in pfSense 2.3.3. Added support for 2.3.3 and made it the default version. So if you're on 2.3.3 you don't need to provide the -v flag. If you're still on 2.3 you need to provide the -v 2.3 still.

My test device was actually affected and died 2 days ago. Had to reboot it via Serial Console.
This one was close, the others were at 210-211 days:

FW-EXT up 212 days 1 hour failover cluster up 2 years 20 days

We now officially qualify for "another 213 days 12 hours". I like that.

@johnpoz:

Virtual Private Server..  google it ;)

They are not related - its apples and mushrooms..

128 is the men requirement for centos 5 with cli, gui would be 512.. Are you one of those gui people? ;)

Comes down to what your doing with it.. The 128 mb ones are just NS and vpn endpoints.. They don't normally do anything ;)

Hey, thank you for clearing it out.

General section. you may also wanna look for answers outside this community. :)