Now that you point that out I feel like an idiot. Yea i was using /29 instead of /21. Thanks for the help.

Remember it: https://www.pfsense.org/ip.php

There is a package called ntop that you can install in pfSense that might do what you're looking for.  I have limited experience with it, but I think I remember it being able to show and report on which IPs were coming into/out of the firewall.

Secondhand routers are cheap to buy. I usually keep at least one spare, known working, fully tested, preconfigured and updated router at each site to swap in when I get connection problems. Usually it's a different make and model which helps eliminate manufacturer specific problems. If the spare router doesn't fix the fault, I call my ISP. I tell them I have tested the connection on two different routers and have the same fault on both of them. Since the first time I did this, I no longer have to go through verbal config instructions for them to verify settings. They get straight on to the line faults team and usually the connection is back within an hour or so or they let me know if it will be longer. On more than one occasion, I found for myself that the router had developed a hardware fault and needed replacing. The spare stayed in service and a 'new' secondhand router was purchased to replace it. In some countries, ISPs often bundle a good quality router into the sale of a new business connections. Often, these routers arrive on site and are never unboxed because the customer already has a router to connect to. I buy these for my spares at a fraction of their cost new.

Look. There are no fixes going into this dead junk. Let alone cosmetic stuff like syslog facility. More clear now?

any dumb switch for <$20 would be better than bridging ports if you ask me ;)

I'd guess that the selection is made from probably the first or last of the XXXX-quality.rrd files in the /var/db/rrd directory in whatever order they are listed by default. That would mean that you'd need to rename the interfaces to change the selection. Again, that's a guess. And I AM an idiot…

Try reading some of the posts in the Traffic Shaping forum, or ask your question there.

Hello, did you find any solution for the same. Thank You.

Actually, someone else is going to be paying for them to go faster, eventually, but not the rest of the CONCACAF nations.  It's all the poor suckers in the US paying the asinine FUSF fees.  Which is pretty much everyone.

Don't think so, no. Active, automatic network diagram spending no time and no money?  Good luck.

@firewalluser: @kevindd992002: @divsys: By default "Pass" rules are not logged (to save log space). If you need to ensure a rule gets logged, check the "Log" box while editing the rule. https://doc.pfsense.org/index.php/Firewall_Rule_Troubleshooting has more info. Got it, thanks! I have an issue with the firewall though. It's been working fine since yesterday. I have different NAT rules to forward connections and other services through NAT (RDP and mail servers included). This is in a test network inside our company. For some reason, I cannot access these services from an external network since yesterday and I've made no changes in the firewall rules. I highly suspect that this is a configuration change in our front end firewall (which I don't have access since my pfsense firewall is just a backend firewall) but I need to confirm if this is really the case. I've been given two public IP's. One public IP is the main WAN connection of my pfsense box and the other is in a NAT 1:1 rule. I don't see any blocks on the firewall logs but when I do a packet capture, I do see that the connections are being logged. That means that the packets do reach my pfsense backend, right? Also setup a separate device running a syslog server of sorts, rsyslog is more compatible, this way if your fw gets targetted you have a separate device with historical logs to check through anything thats been going on as its quite easy to hide activity on pfsense as the gui log only goes back 2000 entries. System log, Settings tab, scroll down the bottom, tick everything and put in the ip address of the syslog server. Dont forget to use a firewall on the device running the syslog server at the very least as well. The more you log everything from every device on your network and isolation the devices on your network, the easier it becomes at spotting anomolies which could be bugs which have exploitable potential, also test how things react when things are not working properly, ie a public facing server when pfsense goes down for example. Sometimes its when things go wrong that new exploits present themselves in conditions which are not usually tested for, aka break things.  :) Thanks for the suggestion but I'll have to plan that for a later date as my pfsense VM is more for personal purposes than for production.

Routinely have thousands of Captive Portal users on a 200M line (Soon 300M) on a 2.1.5 C2758.

Thanks a lot! I think I get it now  ;D

So you say you have reinstalled the box. Did you reconfigure it from scratch? I cannot see any value in reinstalls if you keep importing the same (very likely broken) configuration after that.

Hello, you might to have a look here for some guidance. https://forum.pfsense.org/index.php?topic=98270.0

Dear Johnpz, How do I turn off squid and snort. I am unable to access pfsense through webgui. Should I access the shell from pfsense console and give the following command: killall -HUP squid killall -HUP snort Thank you. Regards, Ashima