• General Questions (Switch, WAN, LAN)

    24
    0 Votes
    24 Posts
    5k Views
    SoarinS
    I already bought the Intel, I didn't want to risk it. I can't find any topics on it over other NICS, is it just the support?
  • FreeRadius mysql + mac auth

    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • No IP on WAN using DHCP and Cable Modem [Supermicro]

    3
    0 Votes
    3 Posts
    898 Views
    C
    For safety reasons (IPMIs have awful security track records), I'd disable the NIC sharing where you have a dedicated IPMI port on the hardware. We do that on the systems we sell where that's applicable. If it's hardware that only has a shared port IPMI, use that port for your LAN rather than WAN as OP did.
  • Moving pfsense config from custom computer to 2440 unit, what steps?

    4
    0 Votes
    4 Posts
    938 Views
    DerelictD
    It's a new device so one can try it on the bench while the old one is in service. ezpz.
  • System logs are not generated

    3
    0 Votes
    3 Posts
    713 Views
    J
    ;) ;) Thanks man, but sorry for the late reply. It worked.
  • Crash Report

    8
    0 Votes
    8 Posts
    2k Views
    N
    I did check my hard drive and there are no bad sectors or anything wrong with it, as per the attached, so please would you clarify in more detail what I can do to solve this bug and avoid it totally. [image: pfsense dashboard.PNG]
  • Internal interVLAN configuration

    3
    0 Votes
    3 Posts
    751 Views
    N
    Hi John, thank you for your reply. For the WAN: right now there is no WAN on these servers. They aren't allowed to go to the Internet. Right now the default gateway of these servers is the core switch where all the VLANs are pointing as default gateways. Should I still use this as the default gateway on pfSense? By doing this I don't have any WAN but only a LAN with a default gateway, correct? Thank you a lot. Best regards, Nick
  • Firewall Alias URL Update Interval?

    4
    0 Votes
    4 Posts
    2k Views
    GertjanG
    [2.2.6-RELEASE][admin@pfsense.bhf.net]/root: ps ax | grep 'url'
    42622  -  Is      0:00.00 /usr/local/bin/minicron 86400 /var/run/update_alias_url_data.pid /usr/local/sbin/fcgicli -f /etc/rc.update_alias_url_data
    42800  -  I        0:00.00 minicron: helper /usr/local/sbin/fcgicli -f /etc/rc.update_alias_url_data  (minicron)
    85776  0  S+      0:00.00 grep url
    86400 = once a day for me. It's set up from config.xml - and put here /etc/crontab …... (I guess).
  • 1 WAN 2 LAN

    Locked
    39
    0 Votes
    39 Posts
    8k Views
    N
    Ok the issue was the NAT. Didn't have an outbound rule… Stupid of me. Thanks to you all for the help and support. n. [image: gkrellShoot_03-14-16_020613.jpg]
  • Overload server BGP - Please help!

    4
    0 Votes
    4 Posts
    1k Views
    H
    That's possible. I'm not experienced enough to debug a packet capture & find out if it's a DoS attack. Some of the members or developers here might be able to help you out.
  • Let Pfsense pass Pxeboot DHCP

    6
    0 Votes
    6 Posts
    6k Views
    S
    Encountering a similar error. I have a blank VM that can find PXE server but TFTP sends errors:
    PXE-T01: File not found
    PXE-E3B: TFTP error - File not found
    PXE-M0F: Exiting Intel PXE ROM
    pfsense is configured as shown in attachment. [image: pxe.JPG]
  • Bridging HG8245H

    8
    0 Votes
    8 Posts
    23k Views
    ?
    @nicholas1520: Thanks for the replies everyone. Once the device is placed in its bridge mode, there's no way to enter a username and password. It seems that the PPPoE session needs to be initiated by the pfSense then communicate it to the ONT.
    Oh ok, this was not clear to me. Then you could perhaps ask at your ISP what is the best way to connect your custom firewall to their Network or plain the Internet. I am pretty sure they know a way to go for you.
  • 0 Votes
    1 Posts
    646 Views
    No one has replied
  • How to search firewall logs

    5
    0 Votes
    5 Posts
    9k Views
    C
    Thank you KOM I will take a look at using ee or clog it seems like that will allow me to do the searches I need. I'm thinking "time" might not be the best way to express the log file limits because that will change depending on the amount of traffic. 1 day of traffic for you might be 2 or 3 days for someone else or vice versa. I have the email reports package and I had it send me what it had which should be a full day but not in this case because I reset the logs yesterday evening. The email size will be larger than the actual file because it also includes an RRD image of the traffic but probably not by too much. The email is 16megs, spans "Mar 10 20:39:32" to "Mar 11 14:10:55" and is almost exactly 100,000 lines (that's one line per entry at 160 bytes per entry). That's just over 17 hours or approximately (less than) 1 meg per hour. At that rate I should be able to get somewhere around 700 hours of logging or almost a month which will do nicely now that I know how to search it.  :) Obviously, on a busy or slow month that could change considerably. Anyway, I just included all that stuff to help anyone that comes along later that wants to try calculating things. Lots of rounding and estimating going on so try to use your own numbers if you can. Note, I saved all the lines into a text file and that's only 15.7 megs. Thanks for your help everyone. Joe
  • SCP stalled

    2
    0 Votes
    2 Posts
    1k Views
    G
    Hi, when I check "Hardware Checksum Offloading" I have a significant performance improvement, but it is not equal to -C. I'm on version 2.2.6. G
  • 0 Votes
    4 Posts
    2k Views
    ?
    I have a HPE Proliant DL120 G9 server, that I want to use as a pfsense router. I have installed ESXi 6.0, and am using pfSense 2.2.6. I have a few questions and I'd be grateful if you helped me with them.
    Is this the HP custom version of ESXi or the regular version?
    I have two NICs installed on this server. One is a 2-port embedded LOM, and the other is a 4-port add-on NIC (known to the server as Flexible LOM).
    Is there a real and hardware IPMI port? I mean a dedicated one, only for the ILO usage? Or is this a shared port that can act as the IPMI (ILO) Port or for anything else also? And what 4 Port NIC is this exactly please?
    40+ views and not one reply! To say the least, interesting. I managed to solve Q2 and Q3. Most important to me right now is Q4 and Q5, someone please at least drop a line about either one.
    One thread with one big question or one thread with many smaller questions would be the best I think! And like it looks here I am not alone, perhaps this is owed to that circumstance? So in my eyes you could use the quad port NIC for the following parts;
    LAN Port 1 > WAN 1
    LAN Port 2 > WAN 2
    LAN Port 3 > LAN
    LAN Port 4 > WLAN with CP
    Then you can easily use both onboard LAN Ports, one as your IPMI (ILO) Port and the other for the APC UPS to secure the entire server. This would be not harming anything or build a security hole in.
    2. Does it make any difference which NIC is used as em0 for WAN and which for em1 for LAN? I want to use the two ports on the embedded 2-port NICs for my two WANs (so em0 and em1 are WANs, and em2 is LAN). But when I do this, I cannot get em2 to act as DHCP server - or again I do not know how to.
    In normal you would be able to use all kind of LAN Ports for all things you want, only if some problems occurring and can't solved out, only in this situations it can be wise to use the em driver as the WAN interface instead of the igb(4) driver, but not at the start more if something goes wrong and can't be solved out. But why creating problems and then try out fiddling them out?
    3. When I get to set up my two WANs within pfSense (to do load-balancing, fail-over, and whatnot) the second WAN doesn't give me the option to configure a gateway for it - or I don't know how to. So, the second gateway always shows as "offline." In one video on Youtube, I saw a setup where the guy had set its DSL modem to assign an IP to WAN 2 in pfSense. So, basically, the modem establishes the PPPoE connection, and assigns a local IP address to WAN 2 configured in pfSense. Then, you can set WAN 2 as DHCP client, and assign the second gateway. But, what bothers me about this scenario is that now your connection to the outside world goes through two NATs. Once at the pfSense level, and the second at modem. For example, a 4.2.2.4 packet from outside gets to the modem, retagged to 192.x.x.x, subsequently is delivered to pfSense, and finally the packet is delivered from pfSense to my PC to IP of 10.x.x.x. This is not the proper setup, is it? What is the proper setup?
    Hmm, how to start here right? If you want to do a load balancing you need a minimum of two WAN interfaces and therefore you should create also two WAN groups each sorted right with a gateway, so called gateway groups. And in normal you will be connect one modem at each WAN port. A pure modem is not doing SPI & NAT!!!!! It is a bridge device and don't do any routing, DHCP and SPI/NAT. Only a real router with an internal modem will do SPI & NAT, but often this routers will be able to set up in the so called "bridge mode" and then this routers are also acting as a pure modem without doing any kind of NAT or SPI in front the pfSense firewall. Only if you are placing a real router in front of the pfSense that will be not able to set up on the bridge mode it will be a so called double NAT, but then you will lose only 3% - 5% of the full throughput and this would be not really urgent in normal, if you don't want to terminate VPN connections at the pfSense firewall.
    4. If and when the load-balancing is setup, I am told that accessing banks and other sites that monitor IP connection (this is how it is where I live), midway if the connection switches IP from WAN1 to WAN2 then the bank drops the connection. How can I configure a firewall rule that all SSH or 443 connection to go through only one WAN?
    You will be able to load balance the entire traffic by using more than one method.
    session based routing (this is more for server traffic balancing)
    policy based routing (this could be taken also to direct the SSH traffic through one WAN Port)
    service based routing (this would be right for the SSH traffic to go through one WAN port)
    5. I also have a em3 port, that I want to set on a different subnet (or inside a VLAN) as to act as my hotspot for visitors. What is the best way to go about doing this?
    Routing is the goal and way to go with in my eyes. Please don't bridge ports together and ask then why the;
    ports are flapping
    packet loss is growing
    latencies are even gain or high up
    packet drops and connectivity is lost
    Or something else. I would suggest to go with routing instead of bridging ports together.
    7. One of my ISPs requires MAC address registration (so every time I connect a new router to modem –when in bridge mode-- I have to call them up to release the MAC address so that their system acquires the new MAC address - a true pain in the neck). Should I clone the MAC address at the ESXi level when I am building the pfSense VM, or should I spoof it inside pfSense? Would it make any difference at all?
    Buy a real modem that fits your needs and Internet connection like the Draytek Vigor 130, as an example this could be truly and real turned into the bridge mode and will be only one time registered with its MAC address by your ISP. And then you could install behind of them all you need and want. Either pfSense or any other kind of router or firewall. So why spoofing a MAC address?
  • Slow throughput on new install.

    4
    0 Votes
    4 Posts
    963 Views
    ?
    @jpsil: I feel like an idiot… The problem was the cable. It was a cat6 cable that had been in use for a while. I swapped out the cables and now I am running like 120 down and 12 up. Still not perfect, but much better. Sorry for the oversight.
    Ok, pending on the numbers of 120 down and 12 up it would be more owed to some other things inside of pfSense or perhaps the point of running in a VM. You could try out the following;
    high up the mbuf size
    enabling PowerD (hi adaptive)
    On top of the 120 down you must count the TCP/IP overhead and the passing through of NAT and firewall rules what can narrow down the entire throughput also really hard, pending on the system tech. specs. like CPU horse power and amount and speed of the RAM.
  • NTP issues

    1
    0 Votes
    1 Posts
    917 Views
    No one has replied
  • [Solved] Unable to create file with ee

    4
    0 Votes
    4 Posts
    1k Views
    E
    I was not logged in as the 'admin' user. I was logged in as an admin user, but not the admin user. Solved.
  • Smart Phone Connectivity

    1
    0 Votes
    1 Posts
    687 Views
    No one has replied
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.