@dotdash:

I think there is something incompatible with the motherboard. I'd try loading another OS on it (Linux live bootstick?) and see if it recognizes the card. The chipset in general shouldn't be a problem with FreeBSD, is it possible the unit has a bad mini-pcie slot?

Indeed. This unit has a mini-pci slot that only accepts WWLAN 3G/4G cards and not WiFi cards. I got this info from motherboard supplier.

Thanks for the help!! :)

kind regards

Great info, ty! I will be internet only. Interested in the 50/50 plan. Don't need tons of throughout but the competing cable provider isn't very attractive so looking into fiber.

Awesome, thank you for helping solve this!

I'm sure you've checked but is your outbound connection saturated by some bandwidth hog?

Thanks for the info, but I did find a way. I added "interface ignore wildcard" to ntpd.conf and Hallelulia it works! That only leaves php-fpm. Any ideas on that one?

Dang, I was afraid that was going to be the next step…

Thanks!

172.16.15.38 lies in rfc1918 address space it wouldn't be routable on the internet.

Click on the spanner under gateways and display both, guessing you have a "Rogue" monitor IP thats got in there somewhere, delete it if it shows.

Also check System -> Routing -> Gateways -> Edit

Thinking about it, maybe someone has configured 172.16.15.38 on the OpenReach VDSL modem and pfSense has piclked up on it, you can get stats off some of them.

Websocket runs over standard HTTP/S connection, so your only option is DPI systems.
Snort and, probably, Squid (denying Upgrade request).

Use of protocols that are designed for the same local network, be it broadcast or multicast.. Are meant for devices on the same L2 network.. If you have a TV that wants to find your sonos speakers for an example via such a protocol.. Simple solution put them on the same network! Done..

Jimp point here is that what protocols your devices use on some local network has zero to do with pfsense..  If they want to talk UPnP or or SSDP or DLNA between each other you have zero to do on pfsense for that to happen..  If you have some sort of broadcast or multicast protocol you can try out avhai which helps with mdns, etc.  Or you can play with igmp proxy for your multicast stuff.  Which is most likely done better on your switch setup..

To be honest devices that require such nonsense as having to be on the same L2 to work, I wouldn't use those - vote with your dollars..  Nice that they want to make these things easy for the idiot user to just plug and discover via some broadcast/multicast protocol.  Great.. But allowing me to put in an IP or a FQDN of the device it wants to talk to should also be a option..

tbh, that was a stupid fast integration, thanks alot for a great product and awesome response!

Well I would not go looking for other issus until that is solved. As you say IN errors on WAN would affect download more than up.

So that is a 10G copper NIC connecting to a 1G device? I assueme (but suggest anyway  ;)) you have tried swapping out the cable?

Can you not use a 1G NIC directly for WAN?

Perhaps I've misunderstood your setup.

Steve

@doktornotor:

If you mean what's actually listening on pfSense itself:

netstat -an | grep LISTEN sockstat -l

Yes, thank you that's what I meant.

Regards.

I found this command:

/usr/local/sbin/pfSctl -c 'interface reload wan'

but it seems it doesn't work in my case

interface description of pppoe interface: DYN1
if I do ifconfig I see pppoe0 interface
it's using em2 physical interface

which is the command to try in my case?
please help me

I checked the box but I'm still getting the same behavior.  When I look at the state table I'm seeing this…

LAN tcp 10.10.10.227:32400 -> 10.1.1.186:52925 CLOSING:CLOSING 8 / 0 2 KiB / 0 B
LAN tcp 10.10.10.227:32400 -> 10.1.1.186:52939 CLOSING:CLOSING 8 / 0 2 KiB / 0 B
LAN tcp 10.10.10.227:32400 -> 10.1.1.186:52986 CLOSING:CLOSING 12 / 0 5 KiB / 0 B
LAN tcp 10.10.10.227:32400 -> 10.1.1.186:53008 CLOSING:CLOSING 8 / 0 2 KiB /

Does this mean that the firewall is closing the session or 10.10.10.227?

Any other ideas?

Thanks for the help.

I'm pretty sure it's mpd5.

Avahi is only for mDNS discovery, not for generic broadcast protocols. If Sonos products use or can be made to use mDNS it should work with avahi.