@OpenWifi Intel i340-T4, i350-T4 or their OEM labeled variants. Here's a couple good articles on cards (and counterfeits). https://forums.servethehome.com/index.php?threads/list-of-nics-and-their-equivalent-oem-parts.20974/ https://forums.servethehome.com/index.php?threads/comparison-intel-i350-t4-genuine-vs-fake.6917/ Great info on that site.

@OpenWifi Then you need a rack mount UPS to go into that cabinet. The device you linked to appears to be something you'd build into some equipment, not rack mount. Also, what about redundancy? Since you're providing service to paying customers, you shouldn't rely on a single point of failure. As I mentioned, when I planned power cabinets, there were always 2 rectifiers, usually with AC feeds from separate breakers.

@stephenw10 Hi Steve, Thank you, it worked with reassigning interfaces and a reboot after. Just reassigning interfaces made pfsense start assigning VPN IP on the LAN :( this is what I tried before. After the reboot it made pfsense get back to normal. Thank you and have a great Easter. Guilherme

Is it really rebooting? What's the system uptime?

Thanks again, don't know how I missed that...

@stephenw10 Yes i did this, but only for one side.

@bgroper Thank you for you reply, I want this not to be allowed at this time. The lab is for pen- testing, and for now the only available point to access from "outside" should be from Win 10 computer to the DMZ:80. Best, rick

@bigchoppers2003 said in pfsense boot stuck at "starting dns resolver": corrupted from a bad shut down. Technically that's possible on anything with a file system. Just because it doesn't always happen, or a device can sometimes self-recover, doesn't mean it can't break. Sorry you ran into it.

You may also need static outbound NAT configured in pfSense for the internal IP(s) you are gaming from. You can't 'pass' UPnP through to an upstream device. However I'd be surprised to find a CGN provider listening for that anyway. Steve

Since I found out I could display gifs it's been amusing me daily.

@JKnott : @cezarq said in ISP bridge mode without Internet just in pfsense box: he computers in my LAN has Internet as expected. so WAN should be up. @cezarq : Why should you want to ping a web site ? Why would a web site reply to a ping ? That IP address is set up to reply to http requests on its port 433, and probably also on the ancient 80. Not '25'. Nothing says it's also a mail server (port 25) or has a SSH access (port 22) or a NTP service (port 123) etc. True, some servers are set up to reply to ping requests, that 's strictly an optional setting, decided by the admin of that web server. It's not the IP protocol but ICMP. Do you pass the ICMP protocol on your LAN firewall ? Where are you ping from ? A LAN device or from pfSense ? You could test ping www.google.com or ping 8.8.8.8 : both are not working ? If the first doesn't work, but the second does, it's a pure DNS issue. Access this page on pfSense : System > Package Manager > Available Packages and does it list all the available packages ?

@ray123 said in Unbound: failed to prime trust anchor -- could not fetch DNSKEY rrset . DNSKEY IN: nabling that support disables support for regular queries (If that's even correct? No enabling dnssec does not disable normal non dnssec - the vast majority of the internet is not dnssec signed.. Is a sad state of affairs to be honest.. While the % of signed tlds is pretty good.. The percent of total domains is not... edit: Here is the site I was looking for!!! https://rick.eng.br/dnssecstat/

@JKnott I did not create a diagram because I thought that what I was trying to achieve is simple… I thought that because I already know how to solve every problem I have IF I configure everything on pfsense. But the real issue here is that I wanna be able to use some amazing fritzbox features. A friend of mine proposed that I could just create a static route between fritzbox (192.168.3.0/24) and pfsense (192.168.2.0/24) but I am well aware of assymetrical routing… Can someone explain to me what is a real life problem that you could face when using assymetrical routing ?

The DNS server runs on a Windows 2016 server. But I suspect you are right, maybe I can set up the route without even changing anything on the pfSense firewall?

@zauberplume: also note that pfSense now supports ONLY 64-bit hardware. Just mentioning this since with an installed pfSense version that old it's possible the underlying platform is a 32-bit one.

There is no way to show them because they don't exist. There is no "changelog" for packages. Package maintainers sometimes post threads in the forum saying what changed but it's not required. Linking to github wouldn't necessarily indicate what changed in a way users would understand either.

@jdeloach said in Sensitive Software & Unable to start vnstatd: @WannabeMKII Sounds to me like you need a Battery Backup UPS that the SG-1100 is plugged into if it is that sensitive when it is not powered down gracefully. Yeah, this is something I'm going to have to look at, just a small UPS for the pfsense box. Any recommendations for a small UPS?