Someone already asked for a Smokeping package for pfSense but it didn't go anywhere.  You could run your own instance of *nix in a VM and then install Smokeping and use that.  Not as good as running it on the one appliance but better than nothing.

Hi! You can use OpenVPN in bridge mode for that. Add network adapter and bridge it with OpenVPN tap device.

Okay - so I have now fixed this and achieved what I wanted here is the final code: #!/bin/sh wget -qO- --keep-session-cookies --save-cookies cookies.txt --no-check-certificate https://192.168.1.1/diag_backup.php | grep "name='__csrf_magic'" | sed 's/.*value="\(.*\)".*/\1/' > csrf.txt wget -qO- --keep-session-cookies --load-cookies cookies.txt --save-cookies cookies.txt --no-check-certificate --post-data "login=Login&usernamefld=[b]MYUSER[/b]&passwordfld=[b]MYPASSWORD[/b]&__csrf_magic=$(cat csrf.txt)" https://192.168.1.1/diag_backup.php | grep "name='__csrf_magic'" | sed 's/.*value="\(.*\)".*/\1/' > csrf2.txt wget --keep-session-cookies --load-cookies cookies.txt --no-check-certificate --post-data "Submit=download&__csrf_magic=$(cat csrf2.txt)" https://192.168.1.1/diag_backup.php -O config-router-`date +%Y%m%d%H%M%S`.xml rm cookies.txt rm csrf.txt rm csrf2.txt                                                                                                                                  ls -td *.xml | awk 'NR>30' | xargs rm  I got it to work by removing all special characters from the password, I wasn't sure which one was causing the issues as my admin password that worked also has a couple, but removing them all worked. I have put the user back to only have access to "Diag/Backup-Restore" page, and not the other login permission. I also added the last four lines: They remove the files created by the script, and the final line keeps deletes the old configs once there is more than 30 (I have just the .sh file and the .xml configs in their own directory). I will run a daily cron job on the FreeNAS box to run this script therefore having the last 30 days of configs saved. Its working in testing - but if anyone has any pointers on what I can improve (or may have overlooked) please don't hesitate to educate me. Also seeing as how I've started a thread and basically answered my own question, if this needs to be deleted so be it. But I've left this here for anyone else in the future. Cheers

@phil.davis: If this is unchecked firewall and NAT is turned off. Hence your outbound NAT didn't work. That sentence is the wrong way around, it should say: If this is checked firewall and NAT is turned off. Hence your outbound NAT didn't work. Yes. Sorry, my mistake.

@heper: a firewall is not the solution to DDOS. This. If you need DDoS protection there are companies out there that provide it. They are not cheap but they tend to work.

OSPF daemon in Quagga is actually two separate daemons, one for IPv4 and the other for IPv6. Quagga package on pfSense does not include any management interface for ospf6d (IPv6), so you would have to configure it by hand. Second problem is there are no startup scripts to make ospf6d start up automatically, you would have to modify pfSense startup scripts, etc for this to work.

Not sure, but is that the full command line? try checking the process with the following: ps auxww the 'ww' part will show the full command for each process.

Take a look at pfBlockerNG

Hello, I think I have gone back to the original slice via the console. If I boot it with verbose logging I get the following error…. Configuring firewall......t_delta hjdskhak789hjh too short I then can not access anything as it's not dishing out any IP's on DHCP. Any thoughts?

It's probably hardware (although memory is ok), as the machine started to reboot itself every hour or so… resolved by installing 2.2.6 on another box. Thanks anyway for all replies.

@David_W: You don't need to configure the authentication type. pfSense will accept requests to carry out CHAP, PAP or EAP. If your ISP requests PAP authentication, pfSense will carry out PAP using the username and password you have configured. PPPoE is, in most cases, as straightforward as configuring the username, password and PPPoE parent interface. Thank you. So it uses the correct authentication type automatically. That's great. I was wondering about this though because there was nowhere to configure it in the user interface and there was no note about this on the PPPoE screen.

Install the card Do a fresh and full install of pfSense 2.2.6 If the card is not recognized, try loading the "ex(4)" driver module for it. Alternatively you could try out; Install the card Install FreeBSD 10.1R and see if this card get recognized If not compile the driver from source code and then find out which .ko module is loaded for this card as driver copy this .ko module over to your pfSense when the card is installed and then load it Please make sure that the same FreeBSD and pfSense versions will be used to realize this. FreeBSD 10.1 > pfSense based FreeBSD 10.1 32Bit > 32Bit and 64Bit > 64Bit

I could half way solve the problem with adding a device without any configuration as l2tp0 and connect one side B and configure the GRE tunnel on that device. If I now could somehow either configure the GRE tunnel to use just other end of the ptp or have each site B using the same l2tp device this would be solved but I think it is not. I wonder if it would be possible to run a custom script on l2tp interface up that sets the GRE endpoint to ptp end?

I have read in the forum saying that 32-bit system can recognize up to 4G of RAM. Perhaps a fresh and full install will do the job. The reason I chose to use this particular build is that this is the build that has the best openvpn performance as compared to the latest 64-bit build. This could be, but it is based on FreeBSD 8.3 and the newer versions will be based on FreeBSD 10.1 so it would be not the best option to use an older version, pending on the other failures and problems that will be gone away with FreeBSD 10.1. For now, I would like to run 2.1.5 32-bit. Not for ever trust me please, earlier or later pfSense will be only available as a 64Bit system and then you should change to the newer version.

"And also would be nice if those automatically added rules showed up in the Firewall Rules display (read-only) so they are easily seen" Agree, this has been a long standing request has it not? Could make it a toggle that has to be enabled in advanced setting or something, since it more than likely would confuse some users.  Or guess they can show it like they show the anti lockout rule..  But fully agree, would be nice to see all the rules in the gui firewall tabs vs https://doc.pfsense.org/index.php/How_can_I_see_the_full_PF_ruleset

My understanding is the authentication is certificate based, which I don't have access to so no way out of that. I was hoping pfSense had some Layer 2 capabilities baked in, but was a shot in the dark. I have a Dell 5424 switch which should in theory be able to only allow the 802.1X packets through to the RG and everything else to pfSense, however I'm having trouble just getting the RG and ONT to talk through the switch in the first place before any ACLs get applied. I appreciate the reply!