@stephenw10 said in No log entries: mber that opened a state. Then you can check which rule that was using: pfctl -vvs got it. ill do some testing today and report back.

Yes, that would leave you with the default sysctls.

It shouldn't just freeze. But if that's a real concern for you then setup an HA pair. Or maybe some OOB access to the console. Steve

@stephenw10 Thank you Steve! Late last night I realized that VLAN10 needed to be tagged on port 5 but completely missed removing port 2 from VLAN1. This got Wifi sort of working. The Airport would get an IP and DHCP clients would get IPs but this would hold for about 20 seconds and then it would lose its IP for 20 seconds, then get another for 20 seconds, endlessly cycling. I kept thinking I must have the DHCP service misconfigured somehow. Once port 2 was removed from the VLAN1 list everything started working properly. Thanks again Steve. As you can see I have the VLAN10 and VLAN1003 firewall rules set wide open while trying to figure this out, so the next step will be to lock them down more.

@jimp Ok, maybe. I actually went away to make breakfast and came back and was sitting at the login screen. So I don't think it was a timing related thing of being too trigger happy. I remember seeing this once before during the 22.05 betas and it's definitely just a cosmetic thing, so I won't worry about it. Let's see if any other people report it.

Not with pfSense. Not if you actually want to be able to use both 4G links for a single connection.

Necroposting a vague message on a 5 year old thread, they're most likely a spammer/spambot.

Understanding your wish for personal support... But as this is a forum, i think it helps everyone (well, at least more than one individual) when such stuff is posted for public, since many ppl might contribute knowledge and experience AND many can get some helpful input. Jm2c :)

@bearhntr said in pfSense 2.5.2 - Web Console super slow: @bmeeks When I had it setup before -- I was using the ORBI as my Router - DNS - DHCP...and Windows AD DS also seemed to be working in conjunction - but I would get strange outcomes from things there too. As I said, when using Windows AD, you really must use a Microsoft DNS server in order for all of the Active Directory things to work. Some bits and pieces might sort of work with a non-Microsoft DNS server, but some key parts will not work and lead to the strange outcomes you referenced.

@stephenw10 Yes, thanks for that, downloading the config file and examining it , I saw my old pwd described under "gold encryption password" as well my newly created one . Did another manual auto config backup , made a minor change to one of the comments on a VLAN then did a full restore to its previous state - all fine . I honestly had no appreciation before that literally everything is present in that config file - unhashed passwords, digital certificates etc, not a thing to leave lying around !

@nizo67 It is working fine with squid now. The desired sites could be blocked. Thanks to all of you for your help and support. Have a nice lovely weekend. Regards

pfSense will only allow access from the WAN side by default if there is only one interfaces assigned. As soon as you assign two of more interfaces all connections to WAN are blocked by default and you need to add WAN firewall rules to allow them.

@aysman The state table gives you information about active connections. Go to Diagnostics > States to view them. You can select a specific interface where the PCs are connected to and enter a filter expression, e.g. ":3389" for the default RDP port. If you also want to see the history add a pass rule to the respective for destination port 3389 or whatever and enable the logging. Then you can look for connections in Status > System Logs > Firewall.

@sylvain said in Unknow Problem ... maybe Hardware Failure: panic: NMI indicates hardware failure A Non-maskable interrupt (NMI) is always a very heavy problem that is in almost all cases a hardware-problem. A reinstall of pfsense ... i doubt that that will be helpful. Maybe boot the machine with Memtest and see if there are any errors. (If it is possible) My 2 cents, fireodo

Running a speedtest at each end if not using the same route as traffic between the sites so you may simply not be passing whichever hop is throttling you. If you can't see the speed with iperf though you will never see it in FTPS. Steve

So after a chat with my ISP they offered me a free public IP, all my rules work again!! Thank you all for the help i'd never come across CGNat before. The more you know.

@stephenw10 Thank you

@sabsan that is SSDP normally - yeah your going to see in logs.. But as that looks spammy as get out.. (looks like only 2 seconds).. I would look to that device to turn that spammy noise off. But if not setup a rule to not log that..