Thank you! smooth as silk, before restoring config I verified that the order of em0 em4 was associated in the same way and everithing is perfecly working. I only had do install some packages Nicola

polkit is not a part of pfSense, nor is it available in our package repository, either directly or as a dependency. Given that polkit is usually a part of a graphical console environment (think: X.org and similar) that is unlikely to have been installed on a firewall anyhow. That said, similar to the situation with log4j, we can't always control what people pull in manually from third party repositories, so maybe if someone did something really bizarre they might have to manually track down and install an update, but since it didn't come from Netgate, there isn't anything we can do.

You're welcome, glad to be of help.

The method is the same for any PCI-device you want to pass through. In the documentation, which I now suddenly understand, they have command line examples using a graphics card with sound chipset on it. They may show up as separate devices (IOMMU groups) but you might want to pass them both together... hence "All functionality"... Anyway, as you say, now I have a much better solution than renaming devices. Which is actually the way I tried to set it up a long time ago...

It's possible to do that. You have to use policy routing with a load-balanced gateway group setup with both remote side IPs as gateways. However that only works for multiple connections between the sites. For a single file transfer for example it will only use one tunnel. Steve

Yes open a ticket to get the latest reinstall image if you do bot have 21.05.2 already: https://www.netgate.com/tac-support-request We did put in place measure to prevent installing incorrect packages. I know that works in 2.4.5p1 from a clean install since I recently tested trying to break it. If you came from an older version that than though it may be possible. Steve

@stephenw10 Only when saturated. Yes for now, I figured I'd give it some time to see if the issue persists or was a coincidence. ok. If this works, its a decent temporary fix, but in the future I may have multiple IPs that could saturate the upstream.

@wellcomefit EDIT, replace ! with |

@stephenw10 I'll try it out!

@ryan29 said in Listening for WAN outages - possible?: @furom Something I find useful in your situation is to ping multiple IPs. It can help you get an idea of where the problem is. I usually do something like this from a workstation on the LAN: LAN GW - This can help discover issues with on-site cabling and equipment. This is the pfSense LAN IP. WAN IP - This can help discover issues with the firewall (ex: maxed out CPU). WAN GW - This can help discover issues with the ISP. ISP DNS - This can help discover issues with the ISP. 1.1.1.1 - This can help discover issues with the ISP or the Internet in general. If you have several days of stats from all of those, you can look at outages and see where the issue starts to occur (local vs ISP vs Internet). This was interesting, thank you! I like that it's simple, yet gives a broader view, Will give it a try. :)

@stephenw10 said in Get Swap Space Failed: Ok, did you check the memory usage history in the monitoring graphs? As I said, just restart the pfsense vm and everything worked again, then I sleep until work hours are over and I can log in to monitor... I don't like to touch anything when it's producing $

Hmm, just to be clear pfSense Gold was never a pfSense build/image. There was included with it a .ova image which you may be referring to. That is no longer built. Steve

@fejzulla-neziri It's all here : Virtualizing pfSense with Hyper-V This install uses 2 ( add a second NIC, it will expose the pfSense LAN to the outside, so you can hook up other devices like printer, nas, AP, other PC's. Is possible to use the doc so your setup uses just one NIC, this one which be reserved for pfSense, as the WAN. The host system (W10) can not / should not use this NIC. When you finished this setup, you can activate more VMs, and attach them to the internal LAN-hyper-switch.

@jimp frr only ruuning ipv6 bgp, no ipv4 bgp. the system static routes only setup ipv4 route.

Do you see blocked traffic in the firewall logs on any if the interfaces?

@viragomann Wow, thank you! Worked right away. :)

@jimp said in CSRF token - Faulty unit or perhaps bug?: Google CSRF attacks and you'll find much more info. I will do that, thanks! :)

@johnpoz hehe, only my friends and my home systems (Home Automation). My friends know better than go looking for Pron on my systems, they've been redirected to some of the more 'interesting' sites. ;-) They still can't unsee that.

Tried posting my issue, but Akismet sees it as spam for some reason. I am having a very similar, albeit a bit different, issue with Dynamic DNS. I added my post to pastebin.