@stephenw10 freeradius does not natively support TOTP. Indirectly it can be supported, for example in Debian I use freeradius together with libpam-oath and oathtool (for example), where I can specify a "self-centering" tolerance window, meaning that after authentication the system knows the time offset of the client and centers it in the its window of "tolerance" The fact is that if you don't use systems of this type it is almost impossible to use hardware tokens. Luca

@mauro-tridici CASE closed: adding a new filter rule in /etc/rsyslog.conf I had been able to have a new file with only the information related to pfBlockerNG logs. Many thanks to all of you for the help. Mauro

I meant do you have access to the OpenVPN server or the application server to check for incoming connections? If you don't then check at the pfSense end for the expected states when you try to connect.

Yes, this is likely to have been hitting this: https://redmine.pfsense.org/issues/14288

@DenBeiren Use a webservice like https://www.whatismyip.com/ on every host I guess.

Ok, then I would try setting a limit on the arc.max initially.

Mmm, the promiscuous setting is new in 23.05. I would guess something failed to upgrade resulting in a mismatch somewhere.

@dakapo said in Slow upload speeds - download is fine (XGS PON): The current situation is as follows: I did a factory-reset of the Zyxel yesterday in the afternoon. Since then the upload-speeds are fine. I continue observing the situation and will report about any changes again here. That is encouraging news. ️

Be nice to show other things there maybe.

@bmeeks said in Potential bug in advanced setting not being saved: @jimp has already created a patch for this here: https://redmine.pfsense.org/projects/pfsense/repository/2/revisions/073a6baceffc4a363eac9369cc036fc7b19b919e. The original Redmine ticket is here: https://redmine.pfsense.org/issues/14425#change-67694. I suspect you can apply the patch using the System Patches package. Thanks a lot, I missed that one :)

@SteveITS thank you Steve :)

@Dobby_ These are my settings which I guess is why dashboard is ok. I decided to try setting up a monitoring tab for thermal sensors and selecting Advanced/Reset data, I assumed this would just reset the thermal sensor data, but it reset all RRD history. Documentation does say it clears all files! At that point, the thermal sensor tab started working and ran fine overnight. I now see this is stored in /var/db/rrd so maybe if had deleted /var/db/rrd/system-sensors.rrd it would have fixed the problem and kept my other history, too late now!

Ah, nice! That looks like an issue with the NIC firmware then. Odd that you didn't see it before.

@SteveITS Thank you. I followed a few links to test the onboard memory, and it turns out mine was pretty dead. I threw a new Transcend 512GB (TS512GMTS430S) in the Netgate 2100, flashed 23.01 on there, restored my config, and I've been solid for 2+ weeks. I will be looking into cleaning up my logging to reduce wear and tear. Thanks everyone!

Thanks Steve, I will do... in a few days ;-)

The cert error you see when updating against 23.05 is not related to this ancient thread. It's probably because the pkg repo is using data for the wrong branch. The first thing to try here is to go to Sys > Update > Update Settings and resave 23.05 as the elected branch. That will copy in the correct certs and keys for 23.05. Steve

Do you see pfSense logging anything when you hit a latency spike? Like filter reloads perhaps?

You need to run some tests to see what's failing. Try to place an incoming call, look for the SIP traffic from the PBX on the correct WAN. If it's not there look on the incorrect WAN to see if it's sending it there. If it doesn't arrive at all the phone is probably sending a bad IP for the PBX to connect to. Check the SIP registration packets to see that. It would be surprising that audio works both ways if it is sending the wrong external IP though. Steve

@NollipfSense said in log reading to find out why my fw crashed: @jc1976 said in log reading to find out why my fw crashed: hmmmmm i wonder if that's it.. could the squid cache overflow from all the downloads be causing the problem? Sadly, it sounds more like a hardware issue...how is the hard-drive? If you're using Squid for the antivirus, I doubt it. I'm sorry for getting back so late.. it couldn't have been a hardware issue as all has been fine since.. absolutely zero problems. it had something to do with setting up that linux box and running updates. no idea why.. and it was long enough ago that i don't remember it all, but after reading through my original post to the end where i wondered if it had something to do with the caching of updates and maybe the cache became full and it caused a kernel panic? no idea.. pfsense on that little dell has been so reliable that it almost works against me in that since there aren't any problems, there's no impetus for me to learn how to decipher the logs.. anywho, i ended up going a different route with building my media server, using win10 ltsc IoT because the various applications i was going to be running, that was just a better route to go over debian. (sonarr/radarr/lidarr/nzbget, handbrake & makemkv, and plex server are all first and foremost made to run on windows).. just wish i knew how to read the logs..