@wolfram There is a problem with Hyper-V, see here. It will be fixed in the next release.

I figured out how to connect my computer to the pfsense vm. On windows server 2016 i went to network connections where i can see all my ethernet adapters. Then i selected in my case ethernet 3 where my computer is connected and the internal lan adapted and bridged the two adapters. In the bridged adapter i changed the ipv4 adress and i was connected to the router.

However now i am connected but still dont have internet and i am able to ping 8.8.8.8 but not google.com i get the error dns could not be resolved when trying to access internet in chrome.

@darcey Thank you for that info, I may look into proxmox and try it out, need to expand my toolbox a bit.

@basense
Can you check out if it's an DNS issue? Try to ping a public IP, e.g. 8.8.8.8.

If that fails as well, is pfSense able to access the internet?
If not, it might rather be an issue or wrong settings in VirtualBox.

@topogigio
I have no idea about the hw upgrade or VMware.

But always backup the config file to a secure place ...
Then it's easy to reinstall pfSense , to the current state - If s... hits the fan.

/Bingo

Well, since the test is with the host, and pfsense is not involved, why it is a pfsense issue.

The host connects to the internet through the pfSense VM.

@gertjan Ah, brilliant, that did the trick. Many thanks! :)

Actually solved using gpart instead of fdisk (this way I can see and manage the disks).

Thank you.

@gdzbedfz You should start with troubleshooting where the problem lies. Run a tcpdump on the interface you're sending the PFSense logs to. If you see Syslog, then you know the issue lies within the Elk configuration. If you don't see the logs running tcpdump, you have an issue blocking PfSense syslog from reaching Elk.

You will need to set the virtual network adapter(s) to trunk mode, see Set-VMNetworkAdapterVlan

If you have more than one vmnetworkadapter you can filter by macaddress, for example:

Get-VMNetworkAdapter -VMName "vmname" | Where-Object {$_.MacAddress -eq "00155D010203"} | Set-VMNetworkAdapterVlan -Trunk -AllowedVlanIdList "2-9" -NativeVlanId 0

@stephenw10 Oh wow. I misunderstood. Assumed this was the NIC detaching because the whole bus shouldn't be possible, as you said.

I need to dig into the Hyper-V side of this to understand that. That's absolutely baffling behavior. But hey, Microsoft...

@bob-dig Potentially; without packages I don't think I've seen a router over about 2-2.5 GB actual usage. Remember to allow space for OS+pfSense upgrades, runaway logs, etc.

Mmm, I'd expect that to 'just work'. Seems like a proxmox issue though. Can we see you proxmox network config?

@rcoleman-netgate Dear Readers, This issue is now solved for me. Here's an explanation for future vmware fusion folks...

I redid option 2 again for the LAN interface, noting that the bridge100 interface on in the MacOS offered up the 192.168.198.0/24 network (see above, your bridge networks may be different). I entered in for option 2:

new LAN ipv4 address: 192.168.198.10 (198.1 will not work)
subnet mask: /24 (class C to match the bridge100 interface)
enable DHCP server
start address of range: the IP number you used above, eg 192.168.198.10
end address of range: some higher number in the 4th octet, eg 192.168.198.200
yes or no to the http setting

Important in VMware! After redoing the LAN interface, then go into the vmware configuration for the LAN network interface (compare the MAC address via the pfSense shell to your interface). ==> Change the interface setting from "Share with my Mac" to "Private to my Mac". Let vmware make the changes.

At this point, your pfSense network setup should look like:

WAN (wan) -> em0 -> v4/DHCP4: 172.16.20.138/24
LAN (lan) -> em1 -> v4: 192.168.198.10/24

and you should be able to ssh or https to IP number 192.168.198.10 to login or see the pfSense webpage.

I reverted to the snapshot, upgraded the virtual hardware (6.7 compatible) for the VM in ESXi and did the upgrade again. This time it worked.

While that is true that a userland program should not be able to trigger a kernel panic, pimd should still ignore interfaces that don't exist. One doesn't absolve the other of having a bug in this case, they are both doing something they shouldn't.

Mmm, that seems expected. Opyion 6 form the menu would be shutdown -p now. '-h' just halts and seemingly fails to reboot like a normal reboot does.
The reroot option doesn't reload the kernel etc so doesn't touch any ACPI power functions. I would expect that to work.

Steve

@urbaman75 said in PfSense with ZFS RAID1 on Proxmox Ceph pool:

Is it OK to make the pfSense instances RAID1 zfs? Or is it better to use UFS in this scope?

Hi,

If you listen me, then definitely ZFS

Problem fixed by forcing the gateway on the AP to PfSense's LAN IP. I had it set up through /etc/network/interfaces but turns out I had to set it up via

route add default gw 192.168.1.1 wlan0

Ok tomorrow morning I work on it a little bit following that thread, for the moment I had to esculede Pfsense, if in case I can't solve it quickly I will downgrade to version 5.2.2

Vince

That's just down to how you have it setup in VBox.

You want the WAN side NIC passed through to the pfSense VM WAN interface so it cannot connect to anything without the firewall.
The LAN interface can be bridged to NIC2 so anything there will see it on the same subnet. Including the host.
You don't want the host PC trying to use DHCP to pull an IP from the pfSense though because it obviously won't be able to until the pfSense VM has booted. So set the workstation to a static IP in the LAN subnet but outside the DHCP range.

Steve

I've had a lot of problems with Hyper-V virtualizing firewall, the performance of Endian Firewall on it is poor, as well as problems with pfSense and other things.

The ones I had the best results were VMWare and Proxmox, but since I hate VMWare (personal taste), Proxmox became my main virtualization tool! Nowadays with Proxmox Backup Server and the great adoption of KVM by several market players over proprietary solutions, after Citrix mistakes about XenServer, Proxmox has become even better!

@lburns this is not too complicated.

You simply want your LAN to be a transparent bridge of two nic ports. The bridge itself provides the router ip address etc.

mostly correct post showing how to do this while preserving current LAN settings.
https://protectli.com/kb/how-to-enable-lan-bridge-with-pfsense/

a post explaining the correct advanced setting to make it transparent. The above post has this wrong.
https://forum.netgate.com/topic/90384/help-clarify-my-understanding-of-the-net-link-bridge-pfil-tunables-please/2

If you can link the two in a transparent esxi bridge, then just pass that bridge to pfsense as your LAN and you are done.

Please tell us how it goes.

@raizor_hd Not understanding what they are, how they work or how to set them up.. Yeah bit of a learning curve..

Do you even have a vlan capable switch? Most likely not.. Nevermind is right - waste of everyone's time, especially mine..

@bmeeks Thank you very much my friend it worked for me!

Well as time is precious, let's go to the beautiful and free road, already built an AMI free of charge YAY! Thanks for the help.

@bingo600 The first one was default, I bought the devices last December and the new one is from the Dlink website. Well, now I have put all the port as untagged and turnd the safeguard off. Now they are working again.

@finderos47 wow that is some OLD stuff.. 2k3 even extended support ended back in 2015..

That cpu is from 2008.. And only 32 bit..

Sorry but time to retire that hardware..

@gertjan Dear friend,

Thank you for your time spending to reply in my request.

Finally, i manage to configure it properly, following the instructions of the Official Netgate manual, using two virtual cards, one of them (LAN) as private.

Previously, i used the host network card, and probably this was my fault.

Many thanks again!

@octopuss
What I do on Hyper-V is disable time sync from the host for the pfSense VM. NTP runs on pfSense, all local machines {including the host} look to PFSense for time sync, and the host maintains time sync for machines that are powered off.
ac0b0807-72aa-46f6-9f3b-3f81e874505b-image.png