• Change the CN (common name) of a user certificate?

    3
    0 Votes
    3 Posts
    513 Views
    stephenw10S

    Indeed you have to create a new certificate with the CA. You can't edit a cert, that would break the chain of trust.

  • ZFS POOL UPGRADE?

    6
    0 Votes
    6 Posts
    615 Views
    provelsP

    @stephenw10 said in ZFS POOL UPGRADE?:

    No I would not upgrade the ZFS pool.

    Good advice. I tried it a while back and system became unbootable.

  • GRE Tunnel using Proxy ARP

    14
    0 Votes
    14 Posts
    2k Views
    stephenw10S

    Sorry missed the replies here.

    It looks like you're using the webgui cert as the server cert? It has to be a cert created against the server CA.

    It also looks like the TLS key is different. Both ends must have the sane TLS key.

    You also still have a bunch of routed tunnel settings like pushing routes and adding gateways. But I'd fix up the cert/key first before looking at that.

    Steve

  • Resolved: Upnp not successful nat moderate

    4
    0 Votes
    4 Posts
    555 Views
    JonathanLeeJ

    I found the issue I changed the OPT1 name and it would not change in the config.xml so it does not bind to the new name, I set it back to OPT1 after seeing that the config.xml did not recognize this as selected for upnp section of the code and it worked.

    It is like the name change messed up somehow

  • BGP - unrecognized capability code: 128

    Moved
    6
    0 Votes
    6 Posts
    969 Views
    M

    restarting only OSPFD produced nothing but restarting the pfsense 2.7.2 box output this on pfsense+ 24.03

    2024-05-06 10:56:04.896 [WARN] ospfd: [MS0DP-CEKYV][EC 134217751] Point-to-Point link on interface ipsec2 has more than 1 neighbor. 2024-05-06 10:56:09.660 [WARN] ospfd: [MS0DP-CEKYV][EC 134217751] Point-to-Point link on interface ipsec2 has more than 1 neighbor. 2024-05-06 10:56:11.667 [WARN] ospfd: [MS0DP-CEKYV][EC 134217751] Point-to-Point link on interface ipsec2 has more than 1 neighbor. 2024-05-06 10:56:22.682 [WARN] bgpd: [JG0WZ-7X009][EC 33554504] 10.255.255.254 unrecognized capability code: 128 - ignored 2024-05-06 10:56:24.339 [INFO] bgpd: [M59KS-A3ZXZ] bgp_update_receive: rcvd End-of-RIB for IPv4 Unicast from 10.255.255.254 in vrf default
  • Setting a different monitoring IP.

    6
    0 Votes
    6 Posts
    339 Views
    JKnottJ

    @cometphoton said in Setting a different monitoring IP.:

    what is the next hop in the trace.

    I just did a traceroute to Google and picked the first address that worked.

  • User settings

    1
    0 Votes
    1 Posts
    75 Views
    No one has replied
  • NIC temp

    6
    0 Votes
    6 Posts
    384 Views
    stephenw10S

    AFAIK there's no way of reading the actual NIC chip temperature there. If the module reports a value that's the only thing you can check.

  • Remove Plus upgrade option

    2
    1 Votes
    2 Posts
    248 Views
    stephenw10S

    That can only be done manually currently. If you send me you NDI in chat I can remove it.

  • Can pfsense detect requests and routing to set hostname

    39
    0 Votes
    39 Posts
    2k Views
    stephenw10S

    Did you try to open it with curl like I showed above?

  • ARP TABLE Refresh time for Wake On Lan

    5
    0 Votes
    5 Posts
    808 Views
    stephenw10S

    @Unoptanio said in ARP TABLE Refresh time for Wake On Lan:

    just add it in the /etc/sysctl.conf file?

    Nope, pfSense doesn't use that. The system tunables table replaces it so add it there if you need to.

  • 0 Votes
    20 Posts
    2k Views
    J

    @stephenw10 - Right?

    Thanks for all the help!!

  • pfSense arhitecture support

    6
    0 Votes
    6 Posts
    516 Views
    stephenw10S

    There are several threads about boxes with N100 CPUs specifically where the default power settings in the BIOS interact unexpectedly with the speedshift driver in FreeBSD/pfSense.

  • The oldest Netgate hardware still running pfSense+ 24.03?

    12
    0 Votes
    12 Posts
    807 Views
    provelsP

    @DominikHoffmann said in The oldest Netgate hardware still running pfSense+ 24.03?:

    it’s good to know that in 15 years my Netgate...

    By that time you may need a 128bit processor!

  • Showing 23.09.1 as up to date

    14
    0 Votes
    14 Posts
    638 Views
    stephenw10S

    Responded in chat.

  • Multiple WAN IP's on one PPPoE how ??

    2
    0 Votes
    2 Posts
    139 Views
    stephenw10S

    You would usually add VIPs (IPAlias) on the WAN for each additional public IP. Then change the outbound NAT rules to manual and add rules for the internal subnets via the appropriate VIP.

    https://docs.netgate.com/pfsense/en/latest/firewall/additional-ip-addresses.html#single-ip-subnet-on-wan

    Steve

  • Advice needed - ZFS Mirror creation after install

    5
    0 Votes
    5 Posts
    506 Views
  • No package list in Available Packages on pfsense 2.7.0

    3
    0 Votes
    3 Posts
    502 Views
    S

    @Gertjan Thanks , the trick at the end was "just " the cert , it is not mentionned explicilty in the post with the command but part of the actions to make.

    For benefice of the Forum Q, command to run is

    certctl rehash

    This info is from PFsense Troublehoosting Manual
    Solved !
    Thanks !

  • TAC Lite

    3
    0 Votes
    3 Posts
    194 Views
    stephenw10S

    Mostly it gives you access to the pfSense Pus pkg repos. It's the entry level subscription that does so.

  • Restore issues: Apply Changes button missing, Save does not reboot

    17
    0 Votes
    17 Posts
    2k Views
    S

    I rediscovered this today restoring two 3100 configs to 2100s. Short version, clicking Save before clicking Apply does work. Clicking Apply first results in an inaccessible router (aside from console).

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.