Well…
Something booted from something. FreeBSD is present on a drive .....
Btw : before the BIOS even knows it HAS drives in the system, it menu is accessible. The method of accessing has nothing to do with FreeBSD or pfSense. See the bios manual for the procedure.

When the USB booted (the pfSense pre installer) , AND it recognizes a disk where it can install TO, then the install menu will be shown. This menu will offer you to empty your SSD drive .
Of course, if these conditions aren't met, nothing will ne shown ... because nothing can be done.

Would seem this is a known FreeBSD bug, and has been fixed in pFsense 2.4 beta release available now.

https://forum.pfsense.org/index.php?topic=119497.0
https://redmine.pfsense.org/issues/6949

Hi NogBadTheBad,

Thanks for your information. I forgot to inform you for my pf. My pf is running on vmware and now I was fixed this issue.
For my setting on my vm host I have cofigure vlans to an interface and enable "route based on the originating virtual port ID" also setting lan to vlan id to 4095 finally setting port switch to tagged.

Thanks.

First make sure you enable ssh and can login to pfSense that way with putty or similar.
This can be used to test the script command.

Then maybe you can use winscp to upload a file or diagnostics/editfile
Store it in /root/ or something.. as /tmp/ will be wiped on reboot.
Likely need to make the script executable: chmod +x
Then with ssh you can try to run it (or under diagnostics/command and hope it doesnt hang the webgui)

Then cron package might be able to run it every hour or something..

There are likely lots of ways.. But maybe above general thoughts help a bit :)

Oh, whoops, the speed was set incorrectly(9600).  Thanks, heper.  I'll try 115200 when I get some free time.

Thanks!

Well, I never got my Bridge to work, but I ended up not needing a bridge at all.

I was able to simply assign the last usable IP of my /25 block to my VLAN5 interface and then use it as a gateway on all of my servers with manual outbound NAT.

Works great now!

I'm kinda blown away out of the dozens of hours of research I didn't find a single thread suggesting this implementation.

Thanks a lot to TandyUK in #pfsense on freenode.

Upgraded to latest.

I have two networks in the house.

Asus Wifi/Router/DHCP- 192.168.1.*  - un-managed switch - Computers , cell phones, rokus, all connect to this network.

Pfsense setup-  PFsense router "1 WAN NIC"      "1 LAN NIC"
                                                  |                            |
                                                  |                            |
                                                  |                            |
                                                                            8 port switch –--to--- 1 computer with 192.168.2.* ip by DHCP
                            connection from Asus router

2NIC motherboard setup with usenet vpn- the lan nic dhcp is setup to put out 192.168.2.* addresses.

I'd like for all devices on the Asus router to talk to the computer behind the pfsense router.

vpnsettings.PNG
vpnsettings.PNG_thumb
firewallrulesvpn.PNG
firewallrulesvpn.PNG_thumb

Could you give an IP of one of these servers that are off by 5 minutes?  They should not be listed as public if they are not going to keep correct time…

But you can set a refclock offset if you have a refclock source, ie PPS for example then you can set the server to have a specific offset from that source.. But I am not aware if just running a ntp client/server that pulls time from a ntp server how you can offset its time from what that server - that your suppose to be trusting is giving you the most accurate time possible, etc.  Other than setting your timezone to be off..

Back to these servers that are off by 5 minutes - they for one could not be in the ntp pool, since the monitor checks their time and if offset is too much their score drops and unless they have a score of 10 or more they are dropped from the pool

Example is stratum 1 ipv6 ntp server I run.. Typical offset from the monitoring station shows to be 5ms..  If some server was off by 5 minutes there would be no way to be allowed in the pool.. So I would love to check out this server your "using?" that is 5 minutes off??

ntpserver.png
ntpserver.png_thumb

has there been any development with this…

I have gotten my pfSense box in front of my Telstra router and have the phone service working on the supplied router...

but I can't seem to get dhcp6 to pick up an IP address

I can supply relevant information if people are still chasing setting up the phone through pfSense.

EDIT:  well it's an unreliable phone connection I've found out

@pfBasic:

Has an ISP or even an individual ever been successfully sued for.downloading (not distributing) copyrighted media?

If so is certainly the exception not the rule.

Realistically he has to worry about getting his internet throttled or cut off which would affect his business.

I dont think so, the laws are just very convoluted on the matter, and confusing lol.

So Big ISPs do not give out info, unless there is a court order, for them to do so. So Like was said I think the notice is the worst that ever happens.

There is a clause for "Hotel Wifi" and that states, that as long as the guests use a completely different Public IP (took care of that today they gave me a bridged modem and a /29, so I am directly routed.)

I also cannot monitor or have the ability to monitor setup, what sites they visit, or keep logs on it. Easy lol.

So in those regards I am clear, now, I was not before (we used the same Public IP).

The true ISP way to do it, would be to get a /26 and give each user an IP, that is tied directly to them, and while that would work for long term guests, that ability is slightly hampered by short termers needing a bridge to my network.

I also, have been configuring the guest lan with some pretty strict firewall rules, to help somewhat I hope. I am slowly opening on anticipated need, and locking them down hard.

traffic shaper related I think, looks like one of your queues has its share of bandwidth too high.

When you say "anything above the CIR will be discarded", do you state this as a fact or a requirement on your end? If it's a fact, then let the ISP drop the packets, TCP will back off. If it's a requirement, then you will need to use one of the traffic shapers. Different shapers have different characteristics.  HFSC has the most correct implementation and should be nearly perfect. Just enable traffic shaping on your WAN interface, set to HFSC and assign a bandwidth. Don't need to configure any queues as the entire interface will be limited to whatever rate to specify.

Depending on your circuit, you may need to play around with some settings. If your circuit is unbuffered but hard rate-limited, you may need to reduce your bandwidth slightly under your provisioned amount due to scheduling and bursting. You may need to reduce your bandwidth a bit anyway because they may be calculating bandwidth differently, layer1 vs layer2 vs layer3, and possibly layer1/2 that is different than Ethernet.