@meowmere said in What is the best way to protect this network?: but what does pfSense do in the background to prevent outsiders from entering the network, how do they work exactly? Dangerous question. As it shows that you don't know what a firewall is. pfSense, or the firewall used by the router from your ISP, or any other firewall (router) out there, behave the same way. IMHO, the fastest way to understand what happens, what this is, a "statefull firewall", install "Youtube", search for "what is a state-full firewall", hit enter, select the videos that have 'zillions' of likes, watch them all, and done. Be aware, a couple of decades ago you had to visit Havard to know what you know now. It's as easy as that. How do they filter outbound and inbound data? Everything initiated from the outside, also known as the Internet, is blocked. Everything initiated from the inside, also known as the LAN, is passed. With you doing nothing more, without changing any settings, without you activating any pfSense "gadgets", if the LAN users behave as real adults, you're job is over. Keep in mind : it happens a lot : the real security problem of a network can be the admin itself, because he doesn't know what he is doing - or worse, he thinks he does .... @meowmere said in What is the best way to protect this network?: I am in desperate need of information Not that hard to find. Half the planet is now hooking up his home, small company or what ever else to the Internet. Everybody has the same question. The most discussed subject on the Internet is ... not the new car of the neighbor, or who win the elections, but Internet itself and everything related. It's like playing chess. There is no short cut, not brain implant possible, no miracle solution. It's the good old ancient process : you have to take some time, sit down, and learn.

Ah, nice!

Ah, yes. Disabling ntopng as a test is what I would recommend.

Ah, I see. Well better going forward then at least.

Hi, Thanks for the advice. I was looking around and found that WAN_COMCAST_DHCP was somehow still in a Firewall Rule for OpenVPN. I updated that rule to the correct gateway and I have not seen the error anymore. Cheers!

@johnpoz I don't think it matter now either, because I changed the mask to 192.168.100.0/24 and Virtual IP to the same and it works. I think the web interface on the Hiltron CODA56 running SW Version 7.3.5.0.1b5 seems like its goes unresponsive. I rebooted the modem and the web interface was back. Seems like they had issue with older code, but pfsense is working as it should.

Nope that's the only location on the firewall It will save up to 30 backup configs. It makes a backup any time you make a config change. You can restore a backed up config file you have locally in Diag > Backup / Restore.

And what error did it show when you tried to ping? Just timed out? No route? TTL expired? Network down? If ifconfig shows the NICs as still linked and it has a valid route still then I would expect it to try to send traffic to the gateway. If the virtual NICs just stopped passing traffic then it will fail to ARP for the gateway and show an error related to that. However if it can still ARP for the gateway then that's probably some network config issue.

Nothing that I've seen. You can add a feature request: https://redmine.pfsense.org/ Steve

I found solution for me, I rebooted.... then internat came to my LAN

Try setting the monitoring IP to something external, it will give you better data anyway. Edit the gateway in System > Routing > Gateways. Try using 8.8.8.8 or 1.1.1.1 etc.

Yeah it would need to support that specifically. Otherwise you could probably run two VMs for example.

Sounds good to me.

For most patches nothing further is required. However some of the recommended patches for 2.7.2 do so I would reboot after applying to be sure. When restarting or rebooting is required it's noted in the patch description.

Check Diag > System Activity or top -HaSP at the command line. What is using the CPU cycles when this happens?

@terryzb said in pfBlockerNG vulnerability?: Is this a concern? tl:dr: Nope.

@dada00 Thanks for asking/posting this. This was exactly my situation as well. I had long forgotten that I had set a particular host as a test VPN server. I was racking my brain trying to figure out where the monitoring was happening. @jamesonp You rock! Thanks!

@Fandangos said in Is it possible to have a device from one interface to have an ip on another interface?: no I set it up manually on the docker container. So if an IP is not set up by DHCP it will not show up at DHCP leases. Makes sense. Exactly. You can see the IP in Diagnostic > ARP table, however, after a communication with it for 20 minutes. If your intention is to use its host name to access it add a host override to your local DNS. When I'm doing a VLAN here, I have a smart managed switch that will tag the port connecting to PfSense and tag the ports I'm using to connect my devices to it. No, the VLAN has to be terminated on Unraid and pfSense. If there is a VLAN-capable switch in between both ports need to tag the packets with the proper VLAN tag. Isn't it possible to create virtual IP and NAT it somehow? NAT = translate the IP from one L2 subnet into another one. As I wrote in my very first setence, DLNA requires both, server and client to reside within the same L2.

Nice! Yeah there's a lot of ways to get that to fail! Sounds like you removed them all though.