• Sending email with failover, shutdown and reboot

    2
    0 Votes
    2 Posts
    186 Views
    stephenw10S

    If you configure notifications you should get that. You won't see a notice for shutdown but you would be upgrades and for boot-up complete.
    https://docs.netgate.com/pfsense/en/latest/config/advanced-notifications.html

    Steve

  • 0 Votes
    8 Posts
    898 Views
    stephenw10S

    The blocked traffic you showed is on the WAN. To pass that traffic you would need to a firewall rule on the WAN. That screenshot shows a rule in LAN.

    However if you are trying pass the VPN traffic to the Cisco router behind pfSense you need to add a port forward. By default that will add a firewall rule for you:
    https://docs.netgate.com/pfsense/en/latest/nat/port-forwards.html#adding-port-forwards

    Steve

  • 0 Votes
    7 Posts
    803 Views
    D

    Hey, Sorry for the late.

    After the last tests I tried to map one vlan on the LAN NIC and It's OK. So the problem was either the nic used for the VLANs or the switch port used.

    Thanks

  • How to get pfSense WAN to accept VLAN 0

    415
    1 Votes
    415 Posts
    259k Views
    N

    @stephenw10 had a backup machine I upgraded... tested and then upgraded active system.

    Still have a question on if backup config file should be in root of FAT32 partition or in E:\config\ -> I had it in both.

    Process I followed was to:

    change interface to em0 pre-upgrade and disable the shellcmd script. Take backup and upload to usb key Connect my Bell MTS ONT to pfSense Reboot and install new

    This found the config, recognized and got internet DHCP address for WAN on em0 and installed packages as there was an active internet connection.

    No other config changes were needed.

    This has been quite a journey from when I first started this thread! Glad to see my script is no longer needed.

  • Backup Failing

    12
    0 Votes
    12 Posts
    1k Views
    S

    Works ok now for some reason!

  • Deleted pfSense Package Settings Appear in Backup

    6
    0 Votes
    6 Posts
    591 Views
    bmeeksB

    @alteredstate said in Deleted pfSense Package Settings Appear in Backup:

    @bmeeks What happens when I import the backup containing config settings for packages that are not installed? Will those config settings become null and void or appear in the next backup? I would like for said config settings to disappear when I import the backup.

    If you import a backup with those settings in it, then they will return and stay. You would have to repeat the process of installing the package again, unchecking the box to retain settings, then removing the package.

    You may find it easier to simply edit the config.xml file directly before importing it. If you have any familiarity with XML, then you can very quickly see how to remove the section pertaining to a given package by simply studying the layout of the config.xml file and deleting the appropriate section.

  • Log Rotation Issue

    19
    0 Votes
    19 Posts
    2k Views
    jimpJ

    @Matt_Sharpe said in Log Rotation Issue:

    Another query would be, is it possible to move the /var/log partition to a dedicated disk in PFsenses?

    It's possible in FreeBSD but there isn't any supported way to do it in pfSense. Someone familiar how disks/partitions works in FreeBSD should be able to set it up without too much trouble, but it may also take some manual adjustments in the code since pfSense has to make a lot of assumptions in that area.

  • pfSense Router recommendations?

    24
    0 Votes
    24 Posts
    4k Views
    stephenw10S

    That would work.

    The default config for any Netgate device uses the first port as WAN. I would always recommend using that because it makes reinstalling or resetting far easier.
    https://docs.netgate.com/pfsense/en/latest/solutions/netgate-4200/io-ports.html#networking-ports

    So:
    Port1 = WAN
    Port2 = LAN
    Port3 = DMZ
    Port4 = WiFi perhaps

  • Deactivating service 19001-tcp due to excessive incoming connections

    3
    0 Votes
    3 Posts
    461 Views
    J

    @stephenw10 I noticed that this happened whenever I enabled a NAT rule, so I followed this tutorial https://docs.netgate.com/pfsense/en/latest/recipes/port-forwards-from-local-networks.html and changed the NAT +Proxy for Pure NAT, and I checked both checkbox options... it worked, now logs no longer appear every 15 minutes... thanks

  • IPv6 over pfSense 802.1q VLAN limits ICMP6 data size to 1240 bytes

    1
    0 Votes
    1 Posts
    162 Views
    No one has replied
  • What are functional differences between pfSense+ and pfSense CE?

    3
    0 Votes
    3 Posts
    440 Views
    S

    @mrblithe https://docs.netgate.com/pfsense/en/latest/general/plus.html

  • 0 Votes
    36 Posts
    4k Views
    johnpozJ

    @throttlenerd electronics don't last forever, and have seen switches - especially the cheap 20 variety fail in odd ways..

  • error showing up in log

    6
    0 Votes
    6 Posts
    1k Views
    K

    @kdmiller61 said in error showing up in log:

    install: //boot/efi/efi/boot/INS@cJq5yv: No space left on device

    I followed these instructions and I appear to be good to go

    https://forum.netgate.com/topic/184661/unable-to-upgrade-from-2-7-1-to-2-7-2-unmounting-boot-efi-done-failed/22

    Keith

  • ANNOUNCE: ansible collection pfsensible.core 0.6.0 released

    1
    2 Votes
    1 Posts
    397 Views
    No one has replied
  • SSL certs handling and HAproxy

    136
    0 Votes
    136 Posts
    31k Views
    L

    In the end, the point is to have two new things;

    1: varnish server to handle caching

    2: fixing the haproxy configuration so that it's actually load balancing those web servers.
    That was an interesting find. I don't know how pfsense was sending traffic to the web servers without haproxy actually working.
    Maybe it automatically round robins since the servers are listed in an alias?

  • PfSense VPN to local services ?

    5
    0 Votes
    5 Posts
    594 Views
    stephenw10S

    OpenVPN is probably easiest to setup for this from pfSense but Tailscale should work.

    Yes, it's probably a missing firewall rule somewhere.

  • <shellcmd> in interfaces not working

    4
    0 Votes
    4 Posts
    406 Views
    stephenw10S

    shellcmds don't go in the interfaces config like that. They would never get run there. They should be in the main <system> section, you will see the package has added them there.

  • How to Create OPT1

    Moved
    2
    0 Votes
    2 Posts
    144 Views
    S

    @ggpf You can just add it:
    https://docs.netgate.com/pfsense/en/latest/interfaces/configure.html

  • The oldest hardware still running pfSense+ 23.09

    5
    0 Votes
    5 Posts
    526 Views
    D

    I have several residential clients, and I have been promoting the Netgate appliances to them. My selling point has been that, unlike with consumer-grade equipment, their Netgate devices will not become insecure, as long as the latest pfSense version is installed. My most recent client has a Linksys E1200, which saw its last firmware update in 2018. Furthermore, there is no guarantee that that firmware update fixed all known vulnerabilities. With pfSense and its open source nature, I have much greater confidence that security holes are discovered, and are fixed soon enough thereafter.

    If a client who now has a Netgate 1100 today upgrades to a 10 Gbit/s connection (available, where I am 💪💪💪) at some point in the future, his connection will still be safe, but he will have to upgrade his equipment to take advantage of that bandwidth. My selling point always is security and a little bit self-serving in that I am familiar enough with pfSense to provide the features he requires.

    I usually set up separate subnets and corresponding Wi-Fi SSIDs for the family, for guests, and for home automation. One client I set up with a separate SSID for his kids and had the access point they connect to switched on and off with a smart switch, so that the parents can enforce bedtime. I doubt that consumer-grade hardware makes that as convenient as that setup ended up being.

  • Internally route devices to WAN

    49
    0 Votes
    49 Posts
    8k Views
    VioletDragonV

    @johnpoz yeah sorry just a bit worried of sharing information I will PM information over to you if that’s okay. Will be later on this afternoon.

    Regards.

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.