AWS is fun. Glad you got it working.

@tagit446 said in Online Privacy: And we/you are using pfSense why..? I use it because its an easy to use full featured firewall/router.. My network is segmented and firewalled.. My IOT devices are on their own segment and are have controlled and logged access. While they can access the internet they do not have access to my other devices. My wifi is also segmented, I have my network for my devices that use eap-tls to auth.. While iot devices and guest have their own vlans and are again controlled and traffic monitored for odd stuff they might be doing ;) A firewall between your local networks has little to do with some vpn service..

@amandeep92 If the power is cut, what would you expect? And a system setup years ago, does require some maintenance and upgrade. I insist. You need professional help

https://forum.netgate.com/topic/136229/vpn-blocked

@clement-montreal said in Double NAT ?: @derelict you killed it man !!! :) [image: 1543798832169-screen-shot-2018-12-02-at-4.57.53-pm.png] (feels so dirty hustling for tokes.)

Really a shot in the dark with the lack of information provided, however does this look close to what you are seeing: Unbound 1.8.1 has fixed a few memory leaks, notably one in DNS over TLS that causes unbound to consume all memory and fail after a few days. https://redmine.pfsense.org/issues/9059 If so, try running pkg update to get the latest unbound installed.

@grimson Thank you very much. If you know pfblockerNG well, can you please tell me how to create Alias using DNSBL list?

Yeah LACP doesn't work that way. the BPDUs are between the connected interfaces. They don't get forwarded by a bridge.

Ooooh. How about a dedicated box to run the UniFi management software? I've been wanting to install that on pfsense forever, but it has issues running inside pfsense.

@chpalmer said in Whom do I need to yell at?: @harvy66 Only a holiday in this country.. :) The company I work for is international and everyone gets paid time off for Thanks Giving. All offices closed early the day before and closed the day of and after. 4th of July is USA only.

At this point the Watchguard X-e boxes have been end of life for around 10 years. Its very probable that your unit is simply bad.. I do have one of these still in operation myself at one customer location with plans to replace very soon. The 2.3 branch of pfSense is now EOL as well and not supported anymore. Just sent 6 of these boxes to the recycler.. most of which had never been upgraded to pfsense. If your proficient with pfsense and know for a fact your not doing anything wrong with configuring things you can pretty well most likely blame bad equipment here.

Cool, it's not a complex config at this site. Glad it's a VM, I'll spin up a replacement! Thanks for the advice.

https://www.netgate.com/docs/pfsense/book/

@pfrickroll , well I understanding, nice to read about, and agreed. Same here my adventures with firewalling world of pfSense began about three years ago and is really cool discovering networking stuffs with simply power of Free BSD and PfSense. I'm loving it. So I know pfSense from 2013 but I'm not remember any specific options for managing many different configs at same time. Maybe if exsist in older Additional Packages software , in older days and maybe it's purged out for missing support I dont'know, but at this time High Avail. Sync can support at least some basics stuffs if you can share between all your different setups like: ** System / High Availability Sync** configuration shows: User manager users and groups Authentication servers (e.g. LDAP, RADIUS) Certificate Authorities, Certificates, and Certificate Revocation Lists Firewall rules Firewall schedules Firewall aliases NAT configuration IPsec configuration OpenVPN configuration DHCP Server settings WoL Server settings Static Route configuration Load Balancer configuration Virtual IPs Traffic Shaper configuration Traffic Shaper Limiters configuration DNS Forwarder and DNS Resolver configurations Captive Portal This is a starting point, for me... I trust here in the Netgate forum some dude hold the answer for sure. I guess a kind of XMLRPC protocol "work" made by a custom php script for a possible approach but I'm not a programmer, I'm only a big fan