Nice. Yeah if it;s really just L2TP without IPSec then you really need to be aware of what's going across it. Leaving it enabled shouldn't really be a huge problem since only traffic from the configured remote site would ever be allowed. I would still investigate using something other than the LTE router to terminate a VPN so you can use a real VPN if you can. Steve

Ah, yes IPSec will grab that traffic and it's not obvious.

Yeah, not seeing anything that looks like a memory leak or CPU use. If you can hook up a console and log that you might catch something that doesn't get entered into the logs.

@stephenw10 Yeah ok, looking at the emails I got, it looks like the UPS ran out of power before it could fully shut down, but it was shutting down when the UPS ran out.

@michmoor Yes.

Yes I agree and thought it was originally. Most common reasons for 502 error is server side but also can be network related. Turns out NOT PF Sense ("probably not PF " == NOT PF) but probably the Ubiquity Gear. I just got out some cables and connect the Mac to physical port and turned off Wifi. Got there without issue. The DNS, Whois, etc. seems to show different items in that the Registration appears to be domains@bevisible.com with an IP of 35.190.57.191. However, the certificate today looks different than the one from yesterday. Originally on their website and logged into the site with Chat when tried a link of the page. Got the error. Thus, thought they went down. Now makes me wonder if something is spoofed from UBNT gear. Thanks for looking! On to UBNT configs. ;-)

No DPD is a separate function. https://github.com/pfsense/pfsense/blob/master/src/usr/local/bin/ipsec_keepalive.php Steve

Ah, yes if something was holding open the states that would do it. The states from the tests would have to match it though and they would normally be different each test. Steve

A better tool for this would be Diag > States filtered by the destination IP. The photo above really doesn't show enough to be useful here. Screenshots of your firewall rules on LAN and LAN2 would also help. And any floating rules you may have that apply to LAN or LAN2. Steve

@stephenw10 look at the different IPs they coming from - bet you beer its "spam" incoming ;)

Hmm, no I meant status but I'm also seeing the same output... The status data might show more. If I could work out the syntax!

That may or may not work depending on how the Sophos handles duplicate P2 connections. It will appear to overlap the existing P2 at the Sophos end. If you have control of both ends of the tunnel just add a new P2 to cover 10.3.1.0/24 (?) to 192.168.40.0/22. Or something more specific if you like. Steve

@rcoleman-netgate Thanks, now I feel like an idiot I made the change and it now its displaying what I would have expected.

@datsys Don't over look the Lenovo quoted above made between 2016-2020; many from corperations and gov came off lease and are selling cheap on eBay, especially if you get one without an OS. Then, you can get dual 128GB SSD for raid set up and max out the RAM for less than $100. I see Lenovo m900 SFF box with 6th generation i7 and DDR4 RAM for $98 with no HD on eBay. Keep in mind whatever you get should/must be able to do AES-NI CPU crypto.

@lawmans3 Congratulations on purchasing a Haiwei device. This is from eBay and may help Netgate administrators in providing a solution to your setting issue since I have no direct experience with Vlan...see images below. [image: 1673975138768-screenshot-2023-01-17-at-10.58.42-am.png] [image: 1673975161194-screenshot-2023-01-17-at-10.59.11-am-resized.png]

You can use any private subnet for the pfSense LAN as long as it doesn't conflict with any other connected subnet. In this case the Starlink router is using 192.168.1.0/24 already so you need to use some other subnet for the pfSense LAN. By default it uses the same subnet creating a conflict. Steve

@stephenw10 Issue turned out to be a Traffic Shaper that I didn't realize was setup. Thank you all for your help.

@toni-martinez we have some sort of translation error going on here I believe. What IP is on the printer 192.168.0.240, or 192.168.6.240 Which IP does your hostname point to? How could it point to both. The printer is either on the lan or its on the warehouse network. How could you have it on both?

Hi Steve, thanks for the Information, so i had to fix the toggleing ARP issue, i use mostly emulex NICS ;-) best regards ré

Yeah if you just disable RAM disks there's no restriction on the size of /var or /tmp.