Ok just sent message to all of them in same format to: emailaddress subject: test message to emailaddress This is test message per thread on pfsense forum about strange email getting added to messages. Let me know what you get..

@doktornotor: Do NOT put gateways on your LAN! It's even written in the GUI! That did the trick thanks !

I have a small/home network. So with raspberry pi is enough just for collecting logs. But, I'm thinking in mount a virtual server (proxmox) and I could use a virtual machine for logs. Also I would like to install in that virtual server: kali linux, honeypots, web servers, etc. I have to start saving!  :) Thanks.

What? Yeah have lots of dc in multiple customers I support.. Not one of them has public internet talking to them for dns..  If they even suggested such I would think they are on drugs..  If you want to use MS to host dns - sure go for it.. But not your AD dns using the same domain for sure.. You still have the problem that you only have 1.. same freaking IP, that your registrar even let you do that is beyond me.. Fixing your DNS is priority one.. Your name delegation is completely borked no matter what you want to use to host it, etc..  FIX YOUR DNS!!!  I have already told you what is wrong with it.  First step is at your registrar - having actually 2 different dns serves that should NOT be on the same network that is for sure..  If you set on hosting your own public dns off your connection and off your DC ok.. But get s secondary somewhere else. If you do not know anything about dns - then get someone in your org that does.. Hire some one if need be..

Thanks for the response. I ran /etc/rc.conf_mount_rw via SSH - it returned successfully very fast. I then ran /etc/rc.conf_mount_ro - it took a few seconds, then also completed successfully (both commands verified by looking at the output from "mount") After the filesystem was mounted read only - I ran fsck -y /cf - and it produced the following result: ** /dev/ufs/cf ** Last Mounted on /cf ** Phase 1 - Check Blocks and Sizes ** Phase 2 - Check Pathnames ** Phase 3 - Check Connectivity ** Phase 4 - Check Reference Counts ** Phase 5 - Check Cyl groups 33 files, 8520 used, 92535 free (39 frags, 11562 blocks, 0.0% fragmentation) ***** FILE SYSTEM IS CLEAN *****

You could block all outbound traffic from the offenders, then when they complain you remind them of the policy they are violating and you'll unblock when they stop violating.

Well you should not be natting between 2 lan segments.. So you checked the arp table and pfsense arp table showed correct for the machine you were putting the .40 address on?  Could the .40 ping pfsense interface? I have never had to reboot pfsense because something wasn't working, I have had to clear states for a specific connection sometimes when trying to block something when there was a state already.  Only time had to reboot pfsense was when updating it. So your connections to pfsense from this .40 box is just to switch and then pfsense interface on same switch.  Your just doing dumb switch or do you have vlans setup, etc. etc.

Ah dang,  yep didnt catch that…...thanks for pointing it out!

I use the pfSense box to run captive portal and a seperate vlan for wireless network.  I also use it just to monitor bandwidth and get stats.  I want to keep the Comcast box as the lans main dhcp server/gateway for now.  That will change down the road but at the moment I'm not ready to make that switch.

@pfcode: But they are tied to the Month (e.g. September_15), which isn't what I want,  aren't they? No, they are not (also, read the notes there) - it's just the GUI calendar being completely confusing

@tobiascapin: Sorry… https://doc.pfsense.org/index.php/How_can_I_monitor_bandwidth_usage You're doing better than most people who ask questions.

We have a $250,000 high end firewall that is loaded with bugs and limitations and could be easily replaced with $10k of machines and some opensource software that many companies use. Instead of learning the underling issues, "admins" resort to pre-configured systems that are really expensive, and if the system doesn't have a check-box for a certain situation, not much you can do.

Can you explain more about what exactly you're trying to do? Port forwards have a "No RDR", and a "Not" flag for the destination… Outbound NAT rules have a "Do not NAT" option and "Not" on the destination. If you're looking to exclude certain things from NAT, usually those are not necessary even. If you can describe the scenario with more detail then perhaps we can help figure out a solution.

yeah a cable tester is good tool for the belt for anyone that deals with cabling be it you make your own or buy predone, etc. Simple testers can be as cheap as <$50 for sure.. Now if you want a fancy specification validation tool you can get into the 1000's so kind of out of the realm of home user diyer ;) The cheap ones won't point out issues in quality of the cable but will real quick tell you if wiring is wrong, shorts/opens, etc.  So nice tool to check a cable before you put it into use, etc.  And that you crimped them correctly, etc.

http://wiki.mikrotik.com/wiki/Manual:RouterOS_features https://www.pfsense.org/about-pfsense/features.html