• Routing forwarded packets back through OpenVPN connection

    10
    0 Votes
    10 Posts
    556 Views
    @viragomann You were right my friend, thank you thank you thank you. I was nearing giving up on this project lol. Was about to plug the broken router back in for now. My OpenVPN config was 'tap' mode, which mainly was because of the previous system requiring me to use it. I didn't think it would cause too many problems but behind the scenes what needed to happen was not happening. I had no gateway interface being configured (that's why I had added one a couple times for testing). I've set it to a /30 and 'tun' mode and it seems to be working without further input now.
  • dropping connections between subnets

    1
    0 Votes
    1 Posts
    242 Views
    No one has replied
  • [Solved] What about patches when upgrading to 23.05?

    5
    0 Votes
    5 Posts
    571 Views
    @jimp Thanks! Will make a note of that :)
  • SQLite databases are very large

    8
    0 Votes
    8 Posts
    959 Views
    Resolved issue in Sunny Valley Forum. Now back under control, and have new script to see how large these files are in compressed and uncompressed size

        find . -type f -iname "*all.sqlite" -exec sh -c "echo -n ' de-compressed: '; du -Ah '{}'; echo -n 'compressed (used): '; du -h '{}'; echo ' '" \;

         de-compressed: 44K ./usr/local/datastore/sqlite/alert_all.sqlite
        compressed (used): 4.5K ./usr/local/datastore/sqlite/alert_all.sqlite

         de-compressed: 8.0K ./usr/local/datastore/sqlite/sip_all.sqlite
        compressed (used): 4.5K ./usr/local/datastore/sqlite/sip_all.sqlite

         de-compressed: 73M ./usr/local/datastore/sqlite/tls_all.sqlite
        compressed (used): 30M ./usr/local/datastore/sqlite/tls_all.sqlite

         de-compressed: 443M ./usr/local/datastore/sqlite/conn_all.sqlite
        compressed (used): 187M ./usr/local/datastore/sqlite/conn_all.sqlite

         de-compressed: 184M ./usr/local/datastore/sqlite/dns_all.sqlite
        compressed (used): 78M ./usr/local/datastore/sqlite/dns_all.sqlite

         de-compressed: 58M ./usr/local/datastore/sqlite/http_all.sqlite
        compressed (used): 12M ./usr/local/datastore/sqlite/http_all.sqlite
  • How to hack built-in DHCP Client pfrule?

    18
    0 Votes
    18 Posts
    2k Views
    keyser
    @stephenw10 Yep, that’s what my testing shows.
  • User based policies on pfSense

    2
    0 Votes
    2 Posts
    373 Views
    NollipfSense
    @ali_jobia I take it you looked at this: https://docs.netgate.com/pfsense/en/latest/packages/cache-proxy/squidguard.html and this: https://docs.netgate.com/pfsense/en/latest/captiveportal/index.html https://forum.netgate.com/topic/83082/pfsense-squid-squidguard-for-captive-portal-with-ldap-auth-title-edited Then see whether this applies to your case: https://redmine.pfsense.org/issues/10749
  • How to HIDE my static public IP address?

    8
    0 Votes
    8 Posts
    1k Views
    @jimp Ok thx to everyone. Decided not to go via VPN route. Worst case will use TOR
  • Identical Netgate Device ID and Activation Key

    9
    0 Votes
    9 Posts
    2k Views
    @rcoleman-netgate said in Identical Netgate Device ID and Activation Key: "Running the SAME NDI on two different systems may be a violation of the terms of service -- but I'm not a lawyer and not an expert on the license terms, either."
    Thank you for your clarification. This was also what my question was about besides the technical aspects.
  • e6000sw0port3: link state changed to DOWN

    10
    0 Votes
    10 Posts
    1k Views
    @stephenw10 said in e6000sw0port3: link state changed to DOWN: "The LAN side DHCP issue could be unrelated. It could be a rogue DHCP server in some other device for example. Check the logs for reported IP conflicts."
    Hello Steve, Would you be so kind to continue anything you wish to add to this discussion in the other topic? I prepared a post for you there with a reply to your suggestion.
  • wan - lan bridge multicast

    3
    0 Votes
    3 Posts
    478 Views
    @stephenw10 Thanks. I'll try and tell about
  • Home License Use

    Moved
    5
    0 Votes
    5 Posts
    679 Views
    THX @dobby_ I will do that
  • WAN dhclient (DHCP) issues - bug in time intervals?

    34
    0 Votes
    34 Posts
    5k Views
    stephenw10
    @keyser said in WAN dhclient (DHCP) issues - bug in time intervals?: "vlan.pcp"
    Ah, OK I see, it's because the renewals are unicast and don't use the bpf rule. So, yes something similar is required there. Set the tagging on the pf pass-out rule if they are enabled in the dhclient. Let's see...
  • E-Mail Notification SPAM since 23.01

    21
    0 Votes
    21 Posts
    2k Views
    @jimp it seems it needed a restart after I applied the suggested patches. It just stopped the next day. I will keep an eye on it.
  • PC Engines APU2 - 23.01- Working fine

    Moved
    19
    2 Votes
    19 Posts
    2k Views
    Dobby_
    @fireodo said in PC Engines APU2 - 23.01- Working fine: @dobby_ said in PC Engines APU2 - 23.01- Working fine: Did you get it working? I am using 23.05 RC and 2.7 now No. There is no kernel module for FreeBSD 14 :-( Thanks for that information then I could save the time for searching for a workaround, I was thinking perhaps I have overlooked something or was not able to find it right.
  • No ip on wan

    Moved no ip on wan
    12
    0 Votes
    12 Posts
    1k Views
    It's working thank you. Tomorrow I get the temporary access point for wifi. Cross fingers it goes okay. I'll create a new topic if it doesn't. The problem is the onboard Realtek nic is either bad or just isn't compatible with pfsense.
  • Internet keeps dropping

    Moved
    5
    0 Votes
    5 Posts
    693 Views
    stephenw10
    Yes, check the logs when this happens, what's actually being triggered? I'd also recommend setting the default v4 gateway in System > Routing > Gateways to WAN_DHCP instead of 'automatic'. Steve
  • pfSense on netgate 6100 stops passing traffic multiple times per day

    16
    0 Votes
    16 Posts
    2k Views
    stephenw10
    @dragonfly said in pfSense on netgate 6100 stops passing traffic multiple times per day: "there was an external IP address that was mercilessly hitting the firewall"
    If it was hitting the firewall I assume I was being blocked? If so adding a different rule to block it wouldn't change anything. Unless the new rule is non-logging and hit rate was so high that the number of block logs was creating a significant load.
  • Change default SSH shell?

    3
    0 Votes
    3 Posts
    556 Views
    @jimp said in Change default SSH shell?:
    "While you can't change the default without affecting things like the menu, you can have ssh start whatever you want. There are not a lot of alternatives available, though. But there is bash which you can install via pkg install bash. Then SSH in with:
        $ ssh root@x.x.x.x -t bash
    Be aware if you try to use bash -l it will end up going right into the menu if you use root or admin. As a regular non-root user that should be OK. Alternately, consider either having it run your preferred shell at the end of the tcsh .tcshrc or even patching the menu file (/etc/rc.initial) to run it directly for option 8."
    Thanks! Well, there were a few options, and I think loading it from .tcshrc sounds like the best option, least intrusive :) I'll give it a go!
  • Delegate on-boarding/off-boarding tasks (user creation and removal)

    3
    0 Votes
    3 Posts
    408 Views
    Dobby_
    @ferchu Thoughts?
        MS AD Server or VM with LDAP & Radius role
        LDAP Server & Radius Server based on Linux or BSD
        MikroTik RouterOS with user manager (RB1100AHx4 (ARM))
        pfSense with captive portal and the only have allowed to enter the CP menu for managing.
  • 0 Votes
    2 Posts
    290 Views
    Shoo, managed to get in using pfSense's IP from a different vlan. Now time to change my shorts.
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.