That does appear to be a bug affecting the time zone display: https://redmine.pfsense.org/issues/7714

@pilotboy72: Hope it's soon, but looking at redmine.pfsense.org there are still 79 open issues as of today.  Seems like it may be more than a month. Most of those are not critical and will be pushed to 2.4.1 or later. We don't always keep that list up-to-date as things progress, since people can assign any target version they want when creating an issue there, that doesn't mean it'll stay. Also some older bugs that we thought we might have time to fix may get pushed again since there still isn't a viable solution or time to make one, etc. Expect that list to shrink. Rapidly. Soon. :-)

Why not just add a tld, single label domains not really a good idea.. If you like local, I do ;) But I use local.lan for my domain - this tells me its the local lan ;) hehehe

The pool option was added in the 2.4 betas. If your syncing with non pool, it is more likely that the pool you were syncing too just went offline and you have not picked a different one.  If you look to see what IP your checking you can just look that ip up on the pool site.  They list all servers that are members of the pool. The could be blocking you - you would want to sniff the traffic and find the point when was working and then it stops working..  Just look to see if pfsense is actually sending the query - and you don't just get an answer? You can check this site for getting a ntp server up and running on a pi http://www.satsignal.eu/ntp/Raspberry-Pi-NTP.html It will for sure get you started..  There is also other threads here about supply a pps signal to pfsense..

Did it work with SSL-Session-ID without SSL offloading? I'm still curious.

Yeah, and key + pass auth for everything internet facing. There was a thread not too long ago where a users pfSense box was accessed via VPN with a weak password. Use keys anywhere you can.

Or : use a Wifi capable device, use it to connect to the WLAN device, login and change it's IP.

No one, then?

Which is exactly the behavior if you are actually at the CLI (shell - option 8) and not the menu. https://redmine.pfsense.org/ File a feature request.

Basically, pfSense is a router which means it routes traffic from one subnet (e.g. WAN) to another (e.g. LAN) and vice versa. With only one interface it can do stuff like serving DHCP addresses but obviously it cannot route. Filtering HTTPS means you have to implement a man-in-the-middle scenario to see and filter traffic which usually is encrypted (hence HTTPS). Good luck with such a task in general and your given networking skill-set on top. Advise of the day: start small! Use pfSense as a router and firewall, add packages as needed and learn about networking. That's enough to keep you busy at least until this winter.

2.4 will be on 11.0, 2.4.1 will be on 11.1. Given the timing, depending on what we find in testing, 2.4.1 will be very close behind 2.4, but we do want to get 2.4 out sooner than we could if we delayed to wait on 11.1 testing to pan out.

so your natting between local networks?

Verizon internet > router1 (10.10.50.1) > (10.10.50.10-WAN)pfsense(10.10.55.1-LAN w/DHCP) > router2 in Bridge/AP mode (10.10.55.10 on DHCP lease) On router 1 please deactivate the DHCP Server On router 1 please set the DNS from your ISP or from Google On the pfSense firewall the DHCP Server can be turned on On pfSense please set the WAN IP address static to (10.10.50.10/24) On pfSense please set the IP address from the router 1 as the DNS server and leave all other DNS entries blank On router 2 you should put it in the WLAN AP mode without SPI/NAT because you are then behind a so called triple NAT situation and this will often cousing some different errors that will be not so easily to find out! On router 2 as the WLAN AP now, you should set in pfSense firewall the LAN port where the AP is connected to as working as an AP  and give them please another IP address range and use routing there. It would be mostly fast as before but without any issues. Set an extra DHCP server on pfSense for that WiFi network.

i'm on 2.3.4 - p1.. the newest. also the problem occured on that nic, while these are good places to start i was wondering if anyone ran into anything like this before, or if this was indicative of possible hardware failure… thank you

If you have a decent L3 switch you can accomplish this without going the Long Distance. And the other benefits from doing that is freeing the pfSense box for more or other activities on top you will be able to get a second feet to stand on, if the pfSense box is failing normal work inside of the LAN can be done within, so no interrupt for all employees will be there. And all with wire speed. Just setup routing between vlans and limit the traffic with ACLs on your switch. QoS, ACLs and MacSec are often here your friends to get a better balanced network load and flow, gaining the security up and be able to regulate the packet flow. Then the traffic moving between hosts in VLAN100 and VLAN200 never need to hit your edge router. Only if there are not servers inside of the DMZ, that must be touched from the LAN side. At that point you could get rid of the VLANS in your pfsense setup and use a "transit network" to connect your L3 switch to pfSense. Good point, I use it also in that direction. If you need a good L3 switch for SOHO use the cisco SG350 is great.  Lots of features. Cisco SG350 series or the D-Link DGS1510 will be fine and really cheap to get.